[DOCS-7301] Enhance LDAP documentation - add section for PAM integration Created: 29/Feb/16  Updated: 30/Oct/23  Resolved: 07/Mar/23

Status: Closed
Project: Documentation
Component/s: Server
Affects Version/s: None
Fix Version/s: Server_Docs_20231030

Type: Task Priority: Major - P3
Reporter: Jason Mimick (Inactive) Assignee: Ravind Kumar (Inactive)
Resolution: Won't Fix Votes: 0
Labels: ldap, manual, security
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Participants:
Days since reply: 7 years, 50 weeks, 2 days ago
Story Points: 1.5

 Description   

We should enhance the LDAP integration documentation
Authenticate Using SASL and LDAP with ActiveDirectory
to include notes for if a customer's' linux environment has PAM enabled. In this case, the configuration for saslauthd with very basic. Once just set's MECH=PAM in /etc/sysconfig/saslauthd and then in the mongod.conf:

setParameter:
   saslauthdPath: /var/run/saslauthd/mux
   authenticationMechanisms: PLAIN,SCRAM-SHA-1

where the PLAIN mechanism is for the LDAP integration. I think it would be helpful to have an example showing that you can have multiple authenticationMechanisms.

This has been documented here http://blog.mongodb.org/post/101760288723/mongodb-ldap-and-kerberos-authentication-with, but adding these kind of details to our official documentation will help alot, especially with enterprise customers.

Also, let's add a note which calls out the syntax is different for the driver connection strings. For example, you say authMech and authSource

I'm happy to work with the doc team more on this topic, just let me know.

Thanks-


Generated at Thu Feb 08 07:54:00 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.