[SERVER-79156] Track and log failed LDAP referrals Created: 20/Jul/23  Updated: 29/Oct/23  Resolved: 14/Sep/23

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: 7.2.0-rc0

Type: Task Priority: Major - P3
Reporter: Varun Ravichandran Assignee: Varun Ravichandran
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
is depended on by COMPASS-7218 Investigate changes in SERVER-79156: ... Closed
Documented
Assigned Teams:
Server Security
Backwards Compatibility: Minor Change
Sprint: Security 2023-09-04, Security 2023-09-18
Participants:

 Description   

Currently, we only count the total number of LDAP referrals chased during a given operation and only log when we begin a connection attempt to a referred server.

We should group the referral count by "success" vs. "failure" and add additional logging when a referral fails, along with the reason why (e.g., TLS handshake failure). This will help TSEs easily identify where an LDAP operation failed if the query involved numerous referrals in a large AD forest, for instance.



 Comments   
Comment by Githook User [ 14/Sep/23 ]

Author:

{'name': 'Varun Ravichandran', 'email': 'varun.ravichandran@mongodb.com', 'username': 'varunravi98'}

Message: SERVER-79156: Track successful and failed LDAP referrals in FTDC and CurOp
Branch: master
https://github.com/mongodb/mongo/commit/5324814ea0524995737d6ef7349866631d74af20

Generated at Thu Feb 08 06:40:13 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.