<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 08:06:32 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[DOCS-12947] Configuring both setParameter.saslauthdPath and security.ldap.servers clarification and results</title>
                <link>https://jira.mongodb.org/browse/DOCS-12947</link>
                <project id="10380" key="DOCS">Documentation</project>
                    <description>&lt;h2&gt;&lt;a name=&quot;Description&quot;&gt;&lt;/a&gt;Description&lt;/h2&gt;
&lt;p&gt;A user has configured both Native LDAP and saslauthdPath in a MongoDB deployment.&lt;/p&gt;

&lt;p&gt;The configuration file passes validation and the process is started successfully.&#160; Testing of this configuration scenario suggests that MongoDB will use the saslauthd proxy service for all LDAP user authentications.&lt;/p&gt;

&lt;p&gt;Should the saslauthd service fail, LDAP users are unable to authenticate.&lt;/p&gt;

&lt;p&gt;Documentation should note that should both options be present, the saslauthd configuration will take precedence and MongoDB will use it exclusively.&lt;/p&gt;

&lt;h2&gt;&lt;a name=&quot;Scopeofchanges&quot;&gt;&lt;/a&gt;Scope of changes&lt;/h2&gt;

&lt;h2&gt;&lt;a name=&quot;ImpacttoOtherDocs&quot;&gt;&lt;/a&gt;Impact to Other Docs&lt;/h2&gt;

&lt;h2&gt;&lt;a name=&quot;MVP%28WorkandDate%29&quot;&gt;&lt;/a&gt;MVP (Work and Date)&lt;/h2&gt;

&lt;h2&gt;&lt;a name=&quot;Resources%28ScopeorDesignDocs%2CInvision%2Cetc.%29&quot;&gt;&lt;/a&gt;Resources (Scope or Design Docs, Invision, etc.)&lt;/h2&gt;
</description>
                <environment></environment>
        <key id="887787">DOCS-12947</key>
            <summary>Configuring both setParameter.saslauthdPath and security.ldap.servers clarification and results</summary>
                <type id="4" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14710&amp;avatarType=issuetype">Improvement</type>
                                            <priority id="3" iconUrl="https://jira.mongodb.org/images/icons/priorities/major.svg">Major - P3</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="12300">Won&apos;t Do</resolution>
                                        <assignee username="-1">Unassigned</assignee>
                                    <reporter username="jack.alder@mongodb.com">Jack Alder</reporter>
                        <labels>
                    </labels>
                <created>Thu, 8 Aug 2019 17:18:21 +0000</created>
                <updated>Mon, 13 Nov 2023 18:17:45 +0000</updated>
                                                            <fixVersion>Backlog</fixVersion>
                    <fixVersion>Server_Docs_20231030</fixVersion>
                    <fixVersion>Server_Docs_20231106</fixVersion>
                    <fixVersion>Server_Docs_20231105</fixVersion>
                    <fixVersion>Server_Docs_20231113</fixVersion>
                                    <component>manual</component>
                    <component>Server</component>
                        <due></due>
                            <votes>1</votes>
                                    <watches>9</watches>
                                                                                                                <comments>
                            <comment id="4940438" author="edu.bot" created="Mon, 31 Oct 2022 16:05:25 +0000"  >&lt;p&gt;Hello! This ticket has been closed due to inactivity. If you believe this ticket is still important, please reopen it and leave a comment to explain why. Thank you!&lt;/p&gt;</comment>
                            <comment id="2696879" author="daniel.hatcher" created="Tue, 31 Dec 2019 16:19:15 +0000"  >&lt;p&gt;So after Spencer&apos;s comment, I believe the proposed change of&lt;/p&gt;
&lt;blockquote&gt;
&lt;p&gt;Documentation should note that should both options be present, the saslauthd configuration will take precedence and MongoDB will use it exclusively.&lt;/p&gt;&lt;/blockquote&gt;

&lt;p&gt;should instead be &lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;Documentation should note that should both options be present, the saslauthd configuration will take precedence and MongoDB will use it for authentication. If using LDAP for authorization, the native configuration will be used for that aspect.&lt;/p&gt;&lt;/blockquote&gt;

&lt;p&gt;Giving to the real docs team now.&lt;/p&gt;</comment>
                            <comment id="2662240" author="spencer.jackson@10gen.com" created="Mon, 23 Dec 2019 22:05:35 +0000"  >&lt;p&gt;&lt;a href=&quot;https://jira.mongodb.org/secure/ViewProfile.jspa?name=nicholas.cottrell&quot; class=&quot;user-hover&quot; rel=&quot;nicholas.cottrell&quot;&gt;nicholas.cottrell&lt;/a&gt;, a fair request. I&apos;ve filed &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-45295&quot; title=&quot;Make sure that LDAP logs always contain context on AuthZN operation&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-45295&quot;&gt;&lt;del&gt;SERVER-45295&lt;/del&gt;&lt;/a&gt;. &lt;a href=&quot;https://jira.mongodb.org/secure/ViewProfile.jspa?name=daniel.hatcher&quot; class=&quot;user-hover&quot; rel=&quot;daniel.hatcher&quot;&gt;daniel.hatcher&lt;/a&gt;, passing back to you.&lt;/p&gt;</comment>
                            <comment id="2580834" author="spencer.jackson@10gen.com" created="Tue, 3 Dec 2019 21:18:23 +0000"  >&lt;p&gt;Be aware, that there is both LDAP authentication and LDAP authorization. LDAP authentication can be accomplished through either Cyrus SASL&apos;s saslauthd or our native LDAP authentication implementation. These are mutually exclusive. LDAP &lt;b&gt;authorization&lt;/b&gt; can only be performed using our native LDAP implementation. LDAP authorization can be used in conjunction with either implementation of LDAP authentication. There are some complex scenarios when it may be desirable for a deployment to use saslauthd for authentication and our native LDAP authorization.&lt;/p&gt;

&lt;p&gt;If during authentication a saslauthdPath is set, the server will rely on saslauthd to perform authentication. If we are only using LDAP for authentication, that is end of story, as use of saslauthd precludes native LDAP authentication. However, if configured to use LDAP authorization, a server which has just used saslauthd may then use its native LDAP implementation to acquire the user&apos;s roles for authorization.&lt;/p&gt;</comment>
                            <comment id="2579771" author="nicholas.cottrell" created="Tue, 3 Dec 2019 15:24:16 +0000"  >&lt;p&gt;&lt;a href=&quot;https://jira.mongodb.org/secure/ViewProfile.jspa?name=jack.alder&quot; class=&quot;user-hover&quot; rel=&quot;jack.alder&quot;&gt;jack.alder&lt;/a&gt; - Actually, I just created &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-44926&quot; title=&quot;Startup warning when both saslauthd and native LDAP are configured&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-44926&quot;&gt;&lt;del&gt;SERVER-44926&lt;/del&gt;&lt;/a&gt; so that it didn&apos;t get forgotten. Please free to update/correct my description if I&apos;ve misunderstood something.&lt;/p&gt;</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10012">
                    <name>Related</name>
                                            <outwardlinks description="related to">
                                        <issuelink>
            <issuekey id="1065366">SERVER-45295</issuekey>
        </issuelink>
            <issuelink>
            <issuekey id="1033283">SERVER-44926</issuekey>
        </issuelink>
                            </outwardlinks>
                                                        </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                <customfield id="customfield_10050" key="com.atlassian.jira.toolkit:comments">
                        <customfieldname># Replies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>5.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_13552" key="com.go2group.jira.plugin.crm:crm_generic_field">
                        <customfieldname>Case</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue><![CDATA[[5002K00000g52ueQAA, 5002K00000iPc4cQAC]]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_10055" key="com.atlassian.jira.ext.charting:firstresponsedate">
                        <customfieldname>Date of 1st Reply</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Tue, 3 Dec 2019 09:06:13 +0000</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10052" key="com.atlassian.jira.toolkit:dayslastcommented">
                        <customfieldname>Days since reply</customfieldname>
                        <customfieldvalues>
                                        1 year, 14 weeks, 2 days ago
    
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_18254" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Dependencies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue><![CDATA[]]></customfieldvalue>


                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                            <customfield id="customfield_10857" key="com.pyxis.greenhopper.jira:gh-epic-link">
                        <customfieldname>Epic Link</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>DOCSP-1769</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_10057" key="com.atlassian.jira.toolkit:lastusercommented">
                        <customfieldname>Last comment by Customer</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>false</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10056" key="com.atlassian.jira.toolkit:lastupdaterorcommenter">
                        <customfieldname>Last commenter</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>emet.ozar@mongodb.com</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_11151" key="com.atlassian.jira.toolkit:LastCommentDate">
                        <customfieldname>Last public comment date</customfieldname>
                        <customfieldvalues>
                            1 year, 14 weeks, 2 days ago
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                            <customfield id="customfield_10051" key="com.atlassian.jira.toolkit:participants">
                        <customfieldname>Participants</customfieldname>
                        <customfieldvalues>
                                        <customfieldvalue>daniel.hatcher@mongodb.com</customfieldvalue>
            <customfieldvalue>edu.bot</customfieldvalue>
            <customfieldvalue>jack.alder@mongodb.com</customfieldvalue>
            <customfieldvalue>nicholas.cottrell@mongodb.com</customfieldvalue>
            <customfieldvalue>spencer.jackson@mongodb.com</customfieldvalue>
    
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                        <customfield id="customfield_14254" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Product Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|hvjl5z:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|hv8i2f:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_10053" key="com.atlassian.jira.ext.charting:timeinstatus">
                        <customfieldname>Time In Status</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_14350" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>serverRank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|hvj7fb:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                </customfields>
    </item>
</channel>
</rss>