<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 08:02:03 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[DOCS-11100] Docs for SERVER-31625: The contents of {USER} needs to be escaped when querying for the groups using LDAP server</title>
                <link>https://jira.mongodb.org/browse/DOCS-11100</link>
                <project id="10380" key="DOCS">Documentation</project>
                    <description>&lt;h1&gt;&lt;a name=&quot;Scoping&quot;&gt;&lt;/a&gt;Scoping&lt;/h1&gt;

&lt;h2&gt;&lt;a name=&quot;Description&quot;&gt;&lt;/a&gt;Description&lt;/h2&gt;

&lt;ul class=&quot;alternate&quot; type=&quot;square&quot;&gt;
	&lt;li&gt;If &lt;tt&gt;security.ldap.userToDNMapping&lt;/tt&gt; uses the &lt;tt&gt;substitution&lt;/tt&gt; parameter, the result of the substitution MUST be an RFC4514-escaped string, as in &lt;tt&gt;(CN=Doe\, John, OU=Users,DC=foo,DC=bar)&lt;/tt&gt;&lt;/li&gt;
	&lt;li&gt;If LDAP Authz is enabled and an LDAP group (the DN part) contains an RFC4514-escaped sequence, the role names in the system.roles collection in the admin database must also be RFC4514-escaped (not plaintext)&lt;/li&gt;
&lt;/ul&gt;


&lt;h2&gt;&lt;a name=&quot;Scopeofchanges%28filesthatneedworkandhowmuch%29&quot;&gt;&lt;/a&gt;Scope of changes (files that need work and how much)&lt;/h2&gt;

&lt;ul class=&quot;alternate&quot; type=&quot;square&quot;&gt;
	&lt;li&gt;&lt;a href=&quot;https://docs.mongodb.com/manual/reference/configuration-options/#security.ldap.userToDNMapping&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;userToDNMapping reference&lt;/a&gt;: tweak description (also handles the mongod option)&lt;/li&gt;
	&lt;li&gt;&lt;a href=&quot;https://docs.mongodb.com/manual/core/security-ldap-external/#mongodb-roles-for-ldap-authorization&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;MongoDB Roles for LDAP Authz &lt;/a&gt;: note that role names must be RFC4514-escaped if LDAP group names contain an RFC4514-escaped sequence&lt;/li&gt;
	&lt;li&gt;&lt;a href=&quot;https://docs.mongodb.com/manual/core/security-ldap-external/#configuration&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;userToDNMapping (again) &lt;/a&gt;: tweak description&lt;/li&gt;
	&lt;li&gt;&lt;a href=&quot;https://docs.mongodb.com/manual/core/security-ldap/#ldap-authentication-via-the-operating-system-ldap-libraries&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;userToDNMapping (again) &lt;/a&gt;: tweak description&lt;/li&gt;
	&lt;li&gt;&lt;a href=&quot;https://docs.mongodb.com/manual/tutorial/authenticate-nativeldap-activedirectory/#optional-transform-incoming-usernames-for-authentication-via-active-directory&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;Transform usernames &lt;/a&gt;: add note about needing the outcome to be RFC4514-escaped&lt;/li&gt;
&lt;/ul&gt;



&lt;h2&gt;&lt;a name=&quot;Impacttootherdocsoutsideofthisproduct&quot;&gt;&lt;/a&gt;Impact to other docs outside of this product&lt;/h2&gt;
&lt;ul class=&quot;alternate&quot; type=&quot;square&quot;&gt;
	&lt;li&gt;Ops Manager:
	&lt;ul class=&quot;alternate&quot; type=&quot;square&quot;&gt;
		&lt;li&gt;may need to clarify escaping in the &lt;a href=&quot;https://docs.opsmanager.mongodb.com/current/tutorial/enable-ldap-authentication-for-group/#configure-the-ldap-authorization-settings-optional&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;Enable LDAP Tutorial &lt;/a&gt; - specifically the &quot;User to Distinguished Name Mapping&quot; section&lt;/li&gt;
		&lt;li&gt;probably need to say something about escaping the roles, though I&apos;m not sure where&lt;/li&gt;
	&lt;/ul&gt;
	&lt;/li&gt;
&lt;/ul&gt;



&lt;h1&gt;&lt;a name=&quot;DocumentationRequestSummary%3A&quot;&gt;&lt;/a&gt;Documentation Request Summary: &lt;/h1&gt;

&lt;p&gt;1. When the &lt;/p&gt;
{security.ldap.userToDNMapping}
&lt;p&gt; configuration option has one or more subsections with the &lt;/p&gt;
{substitution}
&lt;p&gt; parameter, then the result of such substitution MUST be RFC4514-escaped string (CN=Doe\, John,OU=Users,DC=foo,DC=bar).&lt;/p&gt;

&lt;p&gt;2. When LDAP authorization is enabled and LDAP groups (their DNs) contain RFC4514 escape sequences, then role names must be RFC4514 escaped in the system.roles collection in the admin database, not just plaintext representation of the role names.&lt;/p&gt;

&lt;p&gt;This ticket does NOT introduce any new behavior. Instead, it fixing the authentication issue for the customers when their DN&apos;s contain the special characters.&lt;/p&gt;

&lt;h1&gt;&lt;a name=&quot;EngineeringTicketDescription%3A&quot;&gt;&lt;/a&gt;Engineering Ticket Description:&lt;/h1&gt;

&lt;p&gt;When LDAP authentication and authorization is enabled in the Server, the contents of {&lt;tt&gt;USER&lt;/tt&gt;} value in the &lt;tt&gt;security.ldap.authz.queryTemplate&lt;/tt&gt; configuration option needs to be escaped in accordance to the RFC4515. Please see the example below:&lt;/p&gt;
&lt;p/&gt;
&lt;div id=&quot;syntaxplugin&quot; class=&quot;syntaxplugin&quot; style=&quot;border: 1px dashed #bbb; border-radius: 5px !important; overflow: auto; max-height: 30em;&quot;&gt;
&lt;table cellspacing=&quot;0&quot; cellpadding=&quot;0&quot; border=&quot;0&quot; width=&quot;100%&quot; style=&quot;font-size: 1em; line-height: 1.4em !important; font-weight: normal; font-style: normal; color: black;&quot;&gt;
		&lt;tbody &gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;  margin-top: 10px;   width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;$ mongo --host rhel-73.acme.qa --authenticationDatabase &apos;$external&apos; --authenticationMechanism PLAIN --username peter.pan -p&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;   width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;MongoDB shell version v3.4.9&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;   width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;Enter password:&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;   width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;connecting to: mongodb://rhel-73.acme.qa:27017/&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;   width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;MongoDB server version: 3.4.9&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;   width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;2017-10-18T11:37:14.679-0700 E QUERY    [thread1] Error: Failed to acquire LDAP group membership :&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;   width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;DB.prototype._authOrThrow@src/mongo/shell/db.js:1461:20&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;   width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;@(auth):7:1&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;   width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;@(auth):1:2&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;   margin-bottom: 10px;  width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;exception: login failed&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
			&lt;/tbody&gt;
&lt;/table&gt;
&lt;/div&gt;
&lt;p/&gt;

&lt;p&gt;mongod.log:&lt;/p&gt;
&lt;p/&gt;
&lt;div id=&quot;syntaxplugin&quot; class=&quot;syntaxplugin&quot; style=&quot;border: 1px dashed #bbb; border-radius: 5px !important; overflow: auto; max-height: 30em;&quot;&gt;
&lt;table cellspacing=&quot;0&quot; cellpadding=&quot;0&quot; border=&quot;0&quot; width=&quot;100%&quot; style=&quot;font-size: 1em; line-height: 1.4em !important; font-weight: normal; font-style: normal; color: black;&quot;&gt;
		&lt;tbody &gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;  margin-top: 10px;   margin-bottom: 10px;  width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;2017-10-18T11:37:14.679-0700 E ACCESS   [conn5] LDAP authorization failed: UnknownError: Failed to obtain LDAP entities for query &apos;BaseDN: &quot;cn=Users,dc=ACME,dc=QA&quot;, Scope: &quot;sub&quot;, Filter: &quot;(&amp;amp;(objectClass=group)(member:1.2.840.113556.1.4.1941:=CN=Pan\, Peter (J.M. Barrie&apos;s fictional character),CN=Users,DC=ACME,DC=QA))&quot;&apos;: LDAP Operation &amp;lt;ldap_search_ext_s&amp;gt;, Failed to perform query: Bad search filter&apos; Query was: &apos;BaseDN: &quot;cn=Users,dc=ACME,dc=QA&quot;, Scope: &quot;sub&quot;, Filter: &quot;(&amp;amp;(objectClass=group)(member:1.2.840.113556.1.4.1941:=CN=Pan\, Peter (J.M. Barrie&apos;s fictional character),CN=Users,DC=ACME,DC=QA))&quot;&apos;&quot;. (-7/Bad search filter)&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
			&lt;/tbody&gt;
&lt;/table&gt;
&lt;/div&gt;
&lt;p/&gt;

&lt;p&gt;Correspondent ldapsearch reproduction (please disregard bash-related escaping of the single quote character):&lt;/p&gt;
&lt;p/&gt;
&lt;div id=&quot;syntaxplugin&quot; class=&quot;syntaxplugin&quot; style=&quot;border: 1px dashed #bbb; border-radius: 5px !important; overflow: auto; max-height: 30em;&quot;&gt;
&lt;table cellspacing=&quot;0&quot; cellpadding=&quot;0&quot; border=&quot;0&quot; width=&quot;100%&quot; style=&quot;font-size: 1em; line-height: 1.4em !important; font-weight: normal; font-style: normal; color: black;&quot;&gt;
		&lt;tbody &gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;  margin-top: 10px;   width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;$ ldapsearch -LLL -H ldap://ad.acme.qa -D &apos;mdb@acme.qa&apos; -W -b &quot;CN=Users,DC=ACME,DC=QA&quot; -s sub &apos;(&amp;amp;(objectClass=group)(member:1.2.840.113556.1.4.1941:=CN=Pan\, Peter (J.M. Barrie&apos;&quot;&apos;&quot;&apos;s fictional character),CN=Users,DC=ACME,DC=QA))&apos; cn&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;   width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;Enter LDAP Password:&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;   margin-bottom: 10px;  width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;ldap_search_ext: Bad search filter (-7)&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
			&lt;/tbody&gt;
&lt;/table&gt;
&lt;/div&gt;
&lt;p/&gt;

&lt;p&gt;Correct search filter syntax (please disregard bash-related escaping of the single quote character):&lt;/p&gt;
&lt;p/&gt;
&lt;div id=&quot;syntaxplugin&quot; class=&quot;syntaxplugin&quot; style=&quot;border: 1px dashed #bbb; border-radius: 5px !important; overflow: auto; max-height: 30em;&quot;&gt;
&lt;table cellspacing=&quot;0&quot; cellpadding=&quot;0&quot; border=&quot;0&quot; width=&quot;100%&quot; style=&quot;font-size: 1em; line-height: 1.4em !important; font-weight: normal; font-style: normal; color: black;&quot;&gt;
		&lt;tbody &gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;  margin-top: 10px;   width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;$ ldapsearch -LLL -H ldap://ad.acme.qa -D &apos;mdb@acme.qa&apos; -W -b &quot;CN=Users,DC=ACME,DC=QA&quot; -s sub &apos;(&amp;amp;(objectClass=group)(member:1.2.840.113556.1.4.1941:=CN=Pan\\2c Peter \\28J.M. Barrie&apos;&quot;&apos;&quot;&apos;s fictional character\\29,CN=Users,DC=ACME,DC=QA))&apos; cn&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;   width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;Enter LDAP Password:&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;   width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;dn: CN=Global-Admins-Database,CN=Users,DC=ACME,DC=QA&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;   width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;cn: Global-Admins-Database&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;   margin-bottom: 10px;  width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
			&lt;/tbody&gt;
&lt;/table&gt;
&lt;/div&gt;
&lt;p/&gt;</description>
                <environment></environment>
        <key id="469622">DOCS-11100</key>
            <summary>Docs for SERVER-31625: The contents of {USER} needs to be escaped when querying for the groups using LDAP server</summary>
                <type id="3" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14718&amp;avatarType=issuetype">Task</type>
                                            <priority id="3" iconUrl="https://jira.mongodb.org/images/icons/priorities/major.svg">Major - P3</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="13201">Fixed</resolution>
                                        <assignee username="allison.moore@mongodb.com">Allison Reinheimer Moore</assignee>
                                    <reporter username="kay.kim@mongodb.com">Kay Kim</reporter>
                        <labels>
                    </labels>
                <created>Fri, 8 Dec 2017 00:39:16 +0000</created>
                <updated>Sun, 29 Oct 2023 13:58:41 +0000</updated>
                            <resolved>Thu, 5 Jul 2018 13:49:22 +0000</resolved>
                                                    <fixVersion>3.7.1</fixVersion>
                    <fixVersion>3.4.11</fixVersion>
                    <fixVersion>3.6.2</fixVersion>
                                        <due></due>
                            <votes>0</votes>
                                    <watches>4</watches>
                                                                                                                <comments>
                            <comment id="1939248" author="allison.moore@10gen.com" created="Thu, 5 Jul 2018 13:49:22 +0000"  >&lt;p&gt;Merged to 3.4, 3.6, and master.&lt;/p&gt;</comment>
                            <comment id="1939247" author="xgen-internal-githook" created="Thu, 5 Jul 2018 13:49:02 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{&apos;username&apos;: &apos;schmalliso&apos;, &apos;name&apos;: &apos;Allison Reinheimer Moore&apos;, &apos;email&apos;: &apos;allison.moore@10gen.com&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/DOCS-11100&quot; title=&quot;Docs for SERVER-31625: The contents of {USER} needs to be escaped when querying for the groups using LDAP server&quot; class=&quot;issue-link&quot; data-issue-key=&quot;DOCS-11100&quot;&gt;&lt;del&gt;DOCS-11100&lt;/del&gt;&lt;/a&gt;: LDAP - substituted DNs must be RFC4514 escaped&lt;br/&gt;
Branch: v3.4&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/docs/commit/1533cf11245467d52a9dc4bced31342e5d3eec49&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/docs/commit/1533cf11245467d52a9dc4bced31342e5d3eec49&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="1939231" author="xgen-internal-githook" created="Thu, 5 Jul 2018 13:34:51 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{&apos;username&apos;: &apos;schmalliso&apos;, &apos;name&apos;: &apos;Allison Reinheimer Moore&apos;, &apos;email&apos;: &apos;allison.moore@10gen.com&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/DOCS-11100&quot; title=&quot;Docs for SERVER-31625: The contents of {USER} needs to be escaped when querying for the groups using LDAP server&quot; class=&quot;issue-link&quot; data-issue-key=&quot;DOCS-11100&quot;&gt;&lt;del&gt;DOCS-11100&lt;/del&gt;&lt;/a&gt;: LDAP - substituted DNs must be RFC4514 escaped&lt;br/&gt;
Branch: v3.6&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/docs/commit/bb9d2e31c2e876ae6b021fcb7884bef7621c8bd7&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/docs/commit/bb9d2e31c2e876ae6b021fcb7884bef7621c8bd7&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="1939215" author="xgen-internal-githook" created="Thu, 5 Jul 2018 13:20:45 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{&apos;username&apos;: &apos;schmalliso&apos;, &apos;name&apos;: &apos;Allison Reinheimer Moore&apos;, &apos;email&apos;: &apos;allison.moore@10gen.com&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/DOCS-11100&quot; title=&quot;Docs for SERVER-31625: The contents of {USER} needs to be escaped when querying for the groups using LDAP server&quot; class=&quot;issue-link&quot; data-issue-key=&quot;DOCS-11100&quot;&gt;&lt;del&gt;DOCS-11100&lt;/del&gt;&lt;/a&gt;: LDAP - substituted DNs must be RFC4514 escaped&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/docs/commit/fcfc435d0c1470d65d8f2f8383bc44e348a64ad4&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/docs/commit/fcfc435d0c1470d65d8f2f8383bc44e348a64ad4&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="1753103" author="sivakumar gandhirajan" created="Fri, 15 Dec 2017 16:05:59 +0000"  >&lt;p&gt;is there any progress or resolution on how to escape the special characters in  user DN ?&lt;/p&gt;</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10320">
                    <name>Documented</name>
                                            <outwardlinks description="documents">
                                        <issuelink>
            <issuekey id="447735">SERVER-31625</issuekey>
        </issuelink>
                            </outwardlinks>
                                                        </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                <customfield id="customfield_10050" key="com.atlassian.jira.toolkit:comments">
                        <customfieldname># Replies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>5.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_10055" key="com.atlassian.jira.ext.charting:firstresponsedate">
                        <customfieldname>Date of 1st Reply</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Tue, 12 Dec 2017 17:15:25 +0000</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10052" key="com.atlassian.jira.toolkit:dayslastcommented">
                        <customfieldname>Days since reply</customfieldname>
                        <customfieldvalues>
                                        5 years, 31 weeks, 6 days ago
    
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_18254" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Dependencies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue><![CDATA[]]></customfieldvalue>


                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_14876" key="com.atlassian.jira.plugin.system.customfieldtypes:userpicker">
                        <customfieldname>Docs Reviewer</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>jeffrey.allen@mongodb.com</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                    <customfield id="customfield_10857" key="com.pyxis.greenhopper.jira:gh-epic-link">
                        <customfieldname>Epic Link</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>DOCS-11003</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_10057" key="com.atlassian.jira.toolkit:lastusercommented">
                        <customfieldname>Last comment by Customer</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>true</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10056" key="com.atlassian.jira.toolkit:lastupdaterorcommenter">
                        <customfieldname>Last commenter</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>luke.bonanomi@mongodb.com</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_11151" key="com.atlassian.jira.toolkit:LastCommentDate">
                        <customfieldname>Last public comment date</customfieldname>
                        <customfieldvalues>
                            5 years, 31 weeks, 6 days ago
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                            <customfield id="customfield_10051" key="com.atlassian.jira.toolkit:participants">
                        <customfieldname>Participants</customfieldname>
                        <customfieldvalues>
                                        <customfieldvalue>allison.moore@mongodb.com</customfieldvalue>
            <customfieldvalue>xgen-internal-githook</customfieldvalue>
            <customfieldvalue>kay.kim@mongodb.com</customfieldvalue>
            <customfieldvalue>Sivakumar Gandhirajan</customfieldvalue>
    
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                        <customfield id="customfield_14254" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Product Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|htltcn:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|htdfp3:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                    <customfield id="customfield_10557" key="com.pyxis.greenhopper.jira:gh-sprint">
                        <customfieldname>Sprint</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue id="1324">KANBAN BUCKET</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                    <customfield id="customfield_10053" key="com.atlassian.jira.ext.charting:timeinstatus">
                        <customfieldname>Time In Status</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_14350" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>serverRank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|htlfgn:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                </customfields>
    </item>
</channel>
</rss>