[DOCS-3909] Make the examples given for LDAP configuration more realistic for Windows AD Created: 15/Aug/14  Updated: 16/Mar/15  Resolved: 29/Aug/14

Status: Closed
Project: Documentation
Component/s: Cloud Manager
Affects Version/s: None
Fix Version/s: v1.3.10, mms-1.4, mms-1.5

Type: Task Priority: Major - P3
Reporter: Cailin Nelson Assignee: Michael Paik
Resolution: Done Votes: 1
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Related
Participants:
Days since reply: 9 years, 23 weeks ago

 Description   

The example configuration parameters given here (especially the group names) are not very realistic for Windows AD. We should provide examples that are more similar to what users will need to enter.

For example, a Windows AD configuration would look more like:

mms.ldap.global.role.owner=CN\=MongoMMS-GlobalOwner,OU\=Mongo MMS,OU\=ACME Groups,DC\=acme,DC\=local



 Comments   
Comment by Githook User [ 10/Sep/14 ]

Author:

{u'username': u'mpaik', u'name': u'Michael Paik', u'email': u'michael.paik@10gen.com'}

Message: DOCS-3909-fix - typo correction
Branch: next
https://github.com/10gen/mms-docs/commit/75c7bd991e270d696813d7666012cf928b9b58dd

Comment by Githook User [ 03/Sep/14 ]

Author:

{u'username': u'mpaik', u'name': u'Michael Paik', u'email': u'michael.paik@10gen.com'}

Message: DOCS-3909-fix - typo correction
Branch: master
https://github.com/10gen/mms-docs/commit/902c8610b18861ba24da8d4c9b5b0d6a5cb0c168

Comment by Michael Paik [ 03/Sep/14 ]

Thanks for the heads up - fix will go in in next publication.

Comment by Mark Heynes [ 03/Sep/14 ]

Hi, Examples are much easier to understand now but I believe there is a typo

http://mms.mongodb.com/help-hosted/v1.5/tutorial/configure-for-ldap-authentication/

Property Example Description
mms.ldap.url ldap://acme-dc1.acme.example.net:3890 The URI for the LDAP

Port should be 389 for LDAP or 636 for LDAPS

same issue on 1.4 version of the docs

kind regards

Mark

Comment by Githook User [ 02/Sep/14 ]

Author:

{u'username': u'tychoish', u'name': u'Sam Kleinman', u'email': u'samk@10gen.com'}

Message: DOCS-3909: local -> example.net
Branch: next
https://github.com/10gen/mms-docs/commit/667a8747e35bdc5e6fb8648a20fb3f330fcae089

Comment by Githook User [ 02/Sep/14 ]

Author:

{u'username': u'mpaik', u'name': u'Michael Paik', u'email': u'michael.paik@10gen.com'}

Message: DOCS-3909 - more realistic LDAP example values
Branch: next
https://github.com/10gen/mms-docs/commit/6067fa4876f03b62627fa9cf52f1a7cf21fab934

Comment by Githook User [ 29/Aug/14 ]

Author:

{u'username': u'tychoish', u'name': u'Sam Kleinman', u'email': u'samk@10gen.com'}

Message: DOCS-3909: local -> example.net
Branch: master
https://github.com/10gen/mms-docs/commit/667a8747e35bdc5e6fb8648a20fb3f330fcae089

Comment by Githook User [ 29/Aug/14 ]

Author:

{u'username': u'mpaik', u'name': u'Michael Paik', u'email': u'michael.paik@10gen.com'}

Message: DOCS-3909 - more realistic LDAP example values
Branch: master
https://github.com/10gen/mms-docs/commit/6067fa4876f03b62627fa9cf52f1a7cf21fab934

Comment by Mark Heynes [ 18/Aug/14 ]

Comments in conf-mms.properties needs to be updated to reflect that mms.ldap.user.group:is now a required parameter rather than an optional one

Comment by Mark Heynes [ 18/Aug/14 ]

mms.ldap.url=ldap://acme-dc1.acme.local:389
mms.ldap.group.separator=;
mms.ldap.bindPassword=user-password
mms.ldap.bindDn=authUser@acme.local
mms.ldap.user.baseDn=DC\=acme,DC\=local
mms.ldap.user.searchAttribute=mail

mms.ldap.global.role.owner=CN\=MMSGlobalOwner,OU\=MMS,OU\=acme Groups,DC\=acme,DC\=local
mms.ldap.global.role.backupAdmin=CN\=MMS-BackupAdmin,OU\=MMS,OU\=acme Groups,DC\=acme,DC\=local
mms.ldap.global.role.monitoringAdmin=CN\=MMS-MonitoringAdmin,OU\=MMS,OU\=acme Groups,DC\=acme,DC\=local
mms.ldap.global.role.userAdmin=CN\=MMS-UserAdmin,OU\=MMS,OU\=acme Groups,DC\=acme,DC\=local
mms.ldap.global.role.readOnly=CN\= MMS-ReadOnly,OU\=MMS,OU\=acme Groups,DC\=acme,DC\=local
mms.ldap.user.group=memberOf

mms.ldap.user.firstName=givenName
mms.ldap.user.lastName=sn
mms.ldap.user.email=mail

Generated at Thu Feb 08 07:46:47 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.