[DOCS-9993] Ops Manager docs should specify that when using LDAP authz, you cannot use the same DN as the automation agent as for the other agents Created: 10/Mar/17 Updated: 25/Apr/17 Resolved: 22/Apr/17 |
|
| Status: | Closed |
| Project: | Documentation |
| Component/s: | Ops Manager |
| Affects Version/s: | None |
| Fix Version/s: | ops-manager-3.4 |
| Type: | Improvement | Priority: | Major - P3 |
| Reporter: | Dennis Kuczynski | Assignee: | Anthony Sansone (Inactive) |
| Resolution: | Done | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||
| Participants: | |||||
| Days since reply: | 6 years, 42 weeks, 2 days ago | ||||
| Epic Link: | C/OM Security | ||||
| Story Points: | 0.3 | ||||
| Description |
|
We recently had two customers attempt to use the same LDAP group DN for all agents. The automation agent will auto-generate and manage the role named for the automation agent group DN, so we do not want to let the other agent group DNs match that DN. i.e. we should encourage all DNs to be distinct values. Technically, it should be okay if the monitoring and backup group DNs are the same. cc tony.sansone |
| Comments |
| Comment by Githook User [ 25/Apr/17 ] |
|
Author: {u'username': u'atsansone', u'name': u'Tony Sansone', u'email': u'tony.sansone@mongodb.com'}Message: ( |
| Comment by Githook User [ 25/Apr/17 ] |
|
Author: {u'username': u'atsansone', u'name': u'Tony Sansone', u'email': u'tony.sansone@mongodb.com'}Message: ( |
| Comment by Dennis Kuczynski [ 07/Apr/17 ] |
|
Yes, that sounds right to me |
| Comment by Dennis Kuczynski [ 10/Mar/17 ] |
|
For now, we'll just be logging a warning if the user tries to use the same DN for the automation agent and another agent. |