[COMPASS-7218] Investigate changes in SERVER-79156: Track and log failed LDAP referrals Created: 14/Sep/23  Updated: 15/Sep/23  Resolved: 15/Sep/23

Status: Closed
Project: Compass
Component/s: None
Affects Version/s: None
Fix Version/s: No version

Type: Investigation Priority: Minor - P4
Reporter: Backlog - Core Eng Program Management Team Assignee: Unassigned
Resolution: Done Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
depends on SERVER-79156 Track and log failed LDAP referrals Closed
Documentation Changes: Not Needed

 Description   
Original Downstream Change Summary

Before this change, the output of the ldapOperations serverStatus section was as shown below:
{LDAPNumberOfReferrals: 0, bindStats:

{ numOp: 0, opDurationMicros: 0 }

, searchStats:

{ numOp: 0, opDurationMicros: 0 }

, unbindStats:

{ numOp: 0, opDurationMicros: 0 }

After this change, the output of the ldapOperations serverStatus section will be as shown below:
{LDAPNumberOfSuccessfulReferrals: 0, LDAPNumberOfFailedReferrals: 0, LDAPNumberOfReferrals: 0, bindStats:

{ numOp: 0, opDurationMicros: 0 }

, searchStats:

{ numOp: 0, opDurationMicros: 0 }

}

In other words, there are 2 new fields (LDAPNumberOfSuccessfulReferrals and LDAPNumberOfFailedReferrals) and the unbindStats field has been removed altogether.

Additionally, the above change is also reflected in the authorization section of the slow query log and the $currentOp aggregation state output.

Description of Linked Ticket

Currently, we only count the total number of LDAP referrals chased during a given operation and only log when we begin a connection attempt to a referred server.

We should group the referral count by "success" vs. "failure" and add additional logging when a referral fails, along with the reason why (e.g., TLS handshake failure). This will help TSEs easily identify where an LDAP operation failed if the query involved numerous referrals in a large AD forest, for instance.



 Comments   
Comment by Anna Henningsen [ 15/Sep/23 ]

No devtools impact.

Comment by PM Bot [ 14/Sep/23 ]

Fix Version updated for upstream SERVER-79156:
7.2.0-rc0

Generated at Wed Feb 07 22:45:47 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.