[DOCS-8791] LDAP settings for Active Directory do not work Created: 08/Sep/16 Updated: 30/Oct/23 Resolved: 17/Mar/23 |
|
| Status: | Closed |
| Project: | Documentation |
| Component/s: | manual |
| Affects Version/s: | None |
| Fix Version/s: | Server_Docs_20231030 |
| Type: | Task | Priority: | Major - P3 |
| Reporter: | Joshua Maag | Assignee: | Ravind Kumar (Inactive) |
| Resolution: | Won't Do | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Participants: | |
| Days since reply: | 46 weeks, 6 days ago |
| Story Points: | 2 |
| Description |
|
The settings for Configuring LDAP Options with ActiveDirectory would never work in the current version of ActiveDirectory. See: https://docs.mongodb.com/manual/tutorial/configure-ldap-sasl-activedirectory/ The /etc/saslauthd.conf says use the following settings:
MD5 does not work in ActiveDirectory by default. In order to make this work, a user would literally have to go through each user in ActiveDirectory, select a checkbox to enable MD5 and then reset the users password. Currently, we use the following configuration which may not be ideal, but allows users to connect LDAP to ActiveDirectory
We do need to do some further research here to provide a better configuration, but as of now, this configuration works better than the current suggestion. |
| Comments |
| Comment by Sarah Olson [ 17/Mar/23 ] |
|
Closing this out on the grounds that:
Based on this, closing as WON'T DO. Please don't hesitate to give me a shout or to reopen if you disagree. |
| Comment by Ravind Kumar (Inactive) [ 12/Jun/18 ] |
|
cc spencer.jackson davi.ottenheimer can either of you good folks comment on this? Ticket's been stuck in backlog for a while, but I'd like to resolve.
From the AD docs DIGEST-MD5 is supported, but if it's not a standard default, I can adjust the docs. |