<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 07:43:08 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[DOCS-2300] LDAP documentation has major gaps</title>
                <link>https://jira.mongodb.org/browse/DOCS-2300</link>
                <project id="10380" key="DOCS">Documentation</project>
                    <description>&lt;p&gt;&lt;a href=&quot;http://docs.mongodb.org/master/tutorial/configure-ldap-sasl-authentication/&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;http://docs.mongodb.org/master/tutorial/configure-ldap-sasl-authentication/&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;We should mention that it is necessary to create a user in the &apos;$external&apos; database for this to actually work.&lt;/p&gt;

&lt;p&gt;We should mention that saslauthd.conf may or may not exist and that users should create one if they don&apos;t have it.&lt;/p&gt;

&lt;p&gt;The authentication example shows a kerberos style &quot;user@REALM&quot; username and this could be misleading. Should be replaced by &amp;lt;username&amp;gt; or some such thing.&lt;/p&gt;

&lt;p&gt;It&apos;s worth describing how this process with saslauthd works. I&apos;m not an expert on this (so check with others) but it should be something like:&lt;/p&gt;

&lt;p&gt;The username and password typed into mongodb are communicated to saslauthd via a local unix socket in plain text. (this is why the mechanism is &quot;PLAIN&quot;) Saslauthd then attempts to bind to the ldap server on MongoDB&apos;s behalf using the specified credentials. NOTE: This communication will be carried out over a secure channel (if they have ldaps enabled) however if the ldap server is remote and not using ldaps then your password will be transmitted in plaintext over the internet! If the saslauthd is able to bind to the ldap server then the authentication is successful. Etc...&lt;/p&gt;

&lt;p&gt;In addition, on certain linux distributions - e.g. ubuntu 12.04 starting saslauthd causes it to automatically enable authentication credentials caching (see &lt;a href=&quot;http://www.linuxcommand.org/man_pages/saslauthd8.html&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;here&lt;/a&gt;) &amp;#8211; the &lt;tt&gt;-c&lt;/tt&gt; option. Thus, saslauthd will never contact the LDAP server to reauthenticate users it&apos;s already cached until it&apos;s restarted. Again, this means that saslauthd will still successfully authenticate users whose credentials it&apos;s cached even if the LDAP server is down.&lt;/p&gt;

&lt;p&gt;It might also be worth mentioning &amp;#8211; as part of the &quot;Tips&quot; for &lt;tt&gt;ldap_servers&lt;/tt&gt; settings &amp;#8211; that in addition to the &lt;tt&gt;ldap:///&lt;/tt&gt; protocol, those using the &lt;tt&gt;ldaps:///&lt;/tt&gt; protocol (LDAP over SSL) would typically have to use port 636.&lt;/p&gt;</description>
                <environment></environment>
        <key id="99939">DOCS-2300</key>
            <summary>LDAP documentation has major gaps</summary>
                <type id="4" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14710&amp;avatarType=issuetype">Improvement</type>
                                            <priority id="3" iconUrl="https://jira.mongodb.org/images/icons/priorities/major.svg">Major - P3</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="9">Done</resolution>
                                        <assignee username="kay.kim@mongodb.com">Kay Kim</assignee>
                                    <reporter username="tyler@10gen.com">Tyler Brock</reporter>
                        <labels>
                            <label>security</label>
                    </labels>
                <created>Mon, 25 Nov 2013 22:44:37 +0000</created>
                <updated>Wed, 11 Jan 2017 22:38:53 +0000</updated>
                            <resolved>Thu, 12 Dec 2013 16:29:39 +0000</resolved>
                                                    <fixVersion>01112017-cleanup</fixVersion>
                                        <due></due>
                            <votes>0</votes>
                                    <watches>2</watches>
                                                                                                                                                            <comments>
                            <comment id="469955" author="xgen-internal-githook" created="Thu, 12 Dec 2013 16:28:58 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{u&apos;username&apos;: u&apos;kay-kim&apos;, u&apos;name&apos;: u&apos;kay&apos;, u&apos;email&apos;: u&apos;kay.kim@10gen.com&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/DOCS-2300&quot; title=&quot;LDAP documentation has major gaps&quot; class=&quot;issue-link&quot; data-issue-key=&quot;DOCS-2300&quot;&gt;&lt;del&gt;DOCS-2300&lt;/del&gt;&lt;/a&gt; add to ldap saslauthd tutorial&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/docs/commit/1ea8052ae6439407171db8981886946529561465&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/docs/commit/1ea8052ae6439407171db8981886946529561465&lt;/a&gt;&lt;/p&gt;</comment>
                    </comments>
                    <attachments>
                    </attachments>
                <subtasks>
                            <subtask id="101852">DOCS-2386</subtask>
                    </subtasks>
                <customfields>
                                                <customfield id="customfield_10050" key="com.atlassian.jira.toolkit:comments">
                        <customfieldname># Replies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_10055" key="com.atlassian.jira.ext.charting:firstresponsedate">
                        <customfieldname>Date of 1st Reply</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Wed, 11 Dec 2013 21:49:07 +0000</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10052" key="com.atlassian.jira.toolkit:dayslastcommented">
                        <customfieldname>Days since reply</customfieldname>
                        <customfieldvalues>
                                        10 years, 9 weeks, 6 days ago
    
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_18254" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Dependencies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue><![CDATA[]]></customfieldvalue>


                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_10057" key="com.atlassian.jira.toolkit:lastusercommented">
                        <customfieldname>Last comment by Customer</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>true</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10056" key="com.atlassian.jira.toolkit:lastupdaterorcommenter">
                        <customfieldname>Last commenter</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>jess.mokrzecki@mongodb.com</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_11151" key="com.atlassian.jira.toolkit:LastCommentDate">
                        <customfieldname>Last public comment date</customfieldname>
                        <customfieldvalues>
                            10 years, 9 weeks, 6 days ago
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                            <customfield id="customfield_10051" key="com.atlassian.jira.toolkit:participants">
                        <customfieldname>Participants</customfieldname>
                        <customfieldvalues>
                                        <customfieldvalue>xgen-internal-githook</customfieldvalue>
            <customfieldvalue>kay.kim@mongodb.com</customfieldvalue>
            <customfieldvalue>tyler@10gen.com</customfieldvalue>
    
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                        <customfield id="customfield_14254" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Product Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|hrrj1b:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|hrufw7:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>91548</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_10053" key="com.atlassian.jira.ext.charting:timeinstatus">
                        <customfieldname>Time In Status</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_14350" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>serverRank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|hrybvb:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                </customfields>
    </item>
</channel>
</rss>