[SERVER-40442] Re-fetch an externally stored password when LDAP bind fails using a service account - MongoDB

XML

Word

Printable

Details

Type: New Feature
Status: Closed
Priority: Major - P3
Resolution: Fixed
Affects Version/s: 4.1.9
Fix Version/s: 4.3.1
Component/s: Security
Labels:
None

Backwards Compatibility:
Fully Compatible
Epic Link:
Security FY2020Q2 Quick Wins
Sprint:
Security 2019-04-22, Security 2019-05-06, Security 2019-06-03, Security 2019-06-17

Description

When an externally stored password for the LDAP service account gets changed, MongoDB Enterprise Server must somehow be able to obtain the fresh password. This can be accomplished by allowing it to know multiple potential passwords for service accounts in order to enable rotation.

Attachments

Issue Links

is documented by

DOCS-12786 Docs for SERVER-40442: Re-fetch an externally stored password when LDAP bind fails using a service account

External Review

Activity

People

Assignee:: Jonathan Reams

Reporter:: Andrey Brindeev

Participants:: Andrey Brindeev, Githook User, Jonathan Reams

Votes:: 0 Vote for this issue

Watchers:: 7 Start watching this issue

Dates

Created:: Apr 02 2019 04:40:23 PM UTC

Updated:: Jun 07 2019 08:09:17 PM UTC

Resolved:: Jun 05 2019 03:00:05 PM UTC