[SERVER-32933] Allow mongod to start when unable to reach LDAP server Created: 26/Jan/18  Updated: 29/Oct/23  Resolved: 02/Feb/18

Status: Closed
Project: Core Server
Component/s: Security
Affects Version/s: 3.4.10, 3.6.2
Fix Version/s: 3.4.14, 3.6.3, 3.7.2

Type: Improvement Priority: Critical - P2
Reporter: Cory Mintz Assignee: Spencer Jackson
Resolution: Fixed Votes: 0
Labels: mms-s
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Backports
Depends
Related
related to DOCS-11879 Add security.ldap.validateLDAPServerC... Closed
Backwards Compatibility: Fully Compatible
Backport Requested:
v3.6, v3.4
Sprint: Platforms 2018-01-29, Platforms 2018-02-12
Participants:
Case:

 Description   

When using "SCRAM-SHA-1, PLAIN" as your authentication mechanism it would be desirable for mongod to start and continue to run, regardless of the state of the LDAP server since SCRAM users will still be able to authenticate. Currently there is a check on startup of mongod that will prevent the server from starting when the LDAP server can not be validated.

2018-01-26T17:09:40.763+0000 I CONTROL  [main] ***** SERVER RESTARTED *****
2018-01-26T17:09:44.649+0000 E ACCESS   [main] Failed to bind to LDAP server at default: Can't contact LDAP server. Bind parameters were: {BindDN: cn=read-only-admin,dc=example,dc=com, authenticationType: simple}
2018-01-26T17:09:44.649+0000 F CONTROL  [main] Failed global initialization: FailedToParse: Can't connect to the specified LDAP servers, error: LDAP bind failed with error: Can't contact LDAP server



 Comments   
Comment by Githook User [ 06/Mar/18 ]

Author:

{'email': 'spencer.jackson@mongodb.com', 'name': 'Spencer Jackson', 'username': 'spencerjackson'}

Message: SERVER-32933: Add flag to disable LDAP smoke test

(cherry picked from commit 7245a9bace0a753e8564fa2101de12073baf7349)
Branch: v3.4
https://github.com/10gen/mongo-enterprise-modules/commit/605ab45ddc110cd00a01a697f22bf40f3fa257af

Comment by Githook User [ 08/Feb/18 ]

Author:

{'email': 'spencer.jackson@mongodb.com', 'name': 'Spencer Jackson', 'username': 'spencerjackson'}

Message: SERVER-32933: Add flag to disable LDAP smoke test

(cherry picked from commit 7245a9bace0a753e8564fa2101de12073baf7349)
Branch: v3.6
https://github.com/10gen/mongo-enterprise-modules/commit/dafb47f6828f9d7d9cadd1e614419f0d847f4a81

Comment by Githook User [ 02/Feb/18 ]

Author:

{'email': 'spencer.jackson@mongodb.com', 'name': 'Spencer Jackson', 'username': 'spencerjackson'}

Message: SERVER-32933: Add flag to disable LDAP smoke test
Branch: master
https://github.com/10gen/mongo-enterprise-modules/commit/7245a9bace0a753e8564fa2101de12073baf7349

Generated at Thu Feb 08 04:31:45 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.