Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-79978

Improve OpenLDAP-specific logging

    XMLWordPrintableJSON

Details

    • Icon: Task Task
    • Resolution: Fixed
    • Icon: Major - P3 Major - P3
    • 7.2.0-rc0
    • None
    • None
    • None
    • Server Security
    • Fully Compatible
    • Security 2023-09-04, Security 2023-09-18, Security 2023-10-02

    Description

      Today, there are a few issues that make it challenging to debug OpenLDAP-specific issues. Making the following logging-related adjustments will help isolate the root cause of LDAP failures.

      1. Reduce the verbosity of MongoDB logs issued within the OpenLDAPConnection class to 1. This is lower than the verbosity of most connection pool logs (2+) and thus can be used to filter logs better.
      2. Investigate setting LDAP_OPT_DEBUG_LEVEL to a higher level (it is currently not being set). This may elicit better diagnostic messages when libldap encounters errors.
      3. Produce a new startup warning log when running RHEL 7 informing customers that OpenLDAP may not properly enforce timeouts when chasing referrals.

      Attachments

        Activity

          People

            varun.ravichandran@mongodb.com Varun Ravichandran
            varun.ravichandran@mongodb.com Varun Ravichandran
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: