[SERVER-40442] Re-fetch an externally stored password when LDAP bind fails using a service account Created: 02/Apr/19 Updated: 29/Oct/23 Resolved: 05/Jun/19 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Security |
| Affects Version/s: | 4.1.9 |
| Fix Version/s: | 4.3.1 |
| Type: | New Feature | Priority: | Major - P3 |
| Reporter: | Andrey Brindeyev | Assignee: | Jonathan Reams |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||
| Backwards Compatibility: | Fully Compatible | ||||||||
| Sprint: | Security 2019-04-22, Security 2019-05-06, Security 2019-06-03, Security 2019-06-17 | ||||||||
| Participants: | |||||||||
| Description |
|
When an externally stored password for the LDAP service account gets changed, MongoDB Enterprise Server must somehow be able to obtain the fresh password. This can be accomplished by allowing it to know multiple potential passwords for service accounts in order to enable rotation. |
| Comments |
| Comment by Githook User [ 05/Jun/19 ] |
|
Author: {'name': 'Jonathan Reams', 'email': 'jbreams@mongodb.com', 'username': 'jbreams'}Message: |