[DOCS-1612] saslauthd configuration needs additional details to avoid common mistakes Created: 14/Jun/13  Updated: 25/Nov/13  Resolved: 18/Jun/13

Status: Closed
Project: Documentation
Component/s: manual
Affects Version/s: mongodb-2.6
Fix Version/s: mongodb-2.6

Type: Task Priority: Major - P3
Reporter: Michael Grundy Assignee: Kay Kim (Inactive)
Resolution: Done Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

ldap/saslauthd


Issue Links:
Related
Participants:
Days since reply: 10 years, 35 weeks, 1 day ago

 Description   

In the LDAP section of the release notes there is a section on saslauthd configuration. That should be ammended with the following information:

On systems with /etc/sysconfig/saslauthd (RH, Fedora, CentOS, AWS AMI) make sure mech is set to ldap (not PAM)

MECH=ldap

on systems with /etc/default/saslauthd ensure the MECHANISMS is set to ldap

MECHANISMS="ldap"

To connect to an openLDAP server, a saslauthd.conf file like the following can be used:

ldap_servers: <ldap uri, e.g. ldaps://ldap.mydomain.com>
ldap_search_base: ou=Users,dc=example,dc=com
ldap_filter: (uid=%u)

We recommend simplicity for teset configurations. Create users in a particular OU and put that ou in the ldap_search_base. Create the users with a uid (shortname) and use that in the ldap_filter parameter.

Your saslauthd configuration can be tested using the testsaslauthd utility:

testsaslauthd -u testuser -p testpassword -s mongod -f /var/run/saslauthd/mux

Information on configuring saslauthd can be found in the openLDAP Administrator's Guide



 Comments   
Comment by auto [ 18/Jun/13 ]

Author:

{u'username': u'kay-kim', u'name': u'kay', u'email': u'kay.kim@10gen.com'}

Message: DOCS-1612 and 1606 LDAP add mongod parameter and openLDAP conf info

Signed-off-by: Sam Kleinman <samk@10gen.com>
Branch: master
https://github.com/mongodb/docs/commit/7ff1026305513f9ce9633c30f74cddf75d5ce051

Generated at Thu Feb 08 07:41:28 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.