[SERVER-40442] Re-fetch an externally stored password when LDAP bind fails using a service account Created: 02/Apr/19  Updated: 29/Oct/23  Resolved: 05/Jun/19

Status: Closed
Project: Core Server
Component/s: Security
Affects Version/s: 4.1.9
Fix Version/s: 4.3.1

Type: New Feature Priority: Major - P3
Reporter: Andrey Brindeyev Assignee: Jonathan Reams
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Documented
is documented by DOCS-12786 Docs for SERVER-40442: Re-fetch an ex... Closed
Backwards Compatibility: Fully Compatible
Sprint: Security 2019-04-22, Security 2019-05-06, Security 2019-06-03, Security 2019-06-17
Participants:

 Description   

When an externally stored password for the LDAP service account gets changed, MongoDB Enterprise Server must somehow be able to obtain the fresh password. This can be accomplished by allowing it to know multiple potential passwords for service accounts in order to enable rotation.



 Comments   
Comment by Githook User [ 05/Jun/19 ]

Author:

{'name': 'Jonathan Reams', 'email': 'jbreams@mongodb.com', 'username': 'jbreams'}

Message: SERVER-40442 Support multiple ldap query bind passwords at runtime
Branch: master
https://github.com/10gen/mongo-enterprise-modules/commit/91730c3c6c66fa195d9077ba72cb6f59724c8c48

Generated at Thu Feb 08 04:54:59 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.