<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 07:56:17 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[DOCS-8426] OpsManager LDAP support clarification</title>
                <link>https://jira.mongodb.org/browse/DOCS-8426</link>
                <project id="10380" key="DOCS">Documentation</project>
                    <description>&lt;p&gt;Due the current design for the LDAP membership, it is likely that OpsManager isn&apos;t able to support most of the directory implementations (ie. RedHat 389, Oracle Directory Server, IBM Tivoli Directory Server, etc).&lt;/p&gt;

&lt;p&gt;I believe we should state that we only support Active Directory (with some important restrictions). For example, if the groups in the directory are using a nested membership, OpsManager won&apos;t be able to detect the membership as per the &lt;a href=&quot;https://msdn.microsoft.com/en-us/library/ms677943.aspx&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;Microsoft documentation in relation to the &lt;tt&gt;memberOf&lt;/tt&gt; attribute&lt;/a&gt;&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;Be aware that this attribute lists the groups that contain the user in their member attribute&#8212;it does not contain the recursive list of nested predecessors. For example, if user O is a member of group C and group B and group B were nested in group A, the memberOf attribute of user O would list group C and group B, but not group A.&lt;/p&gt;


&lt;p&gt;This attribute is not stored&#8212;it is a computed back-link attribute.&lt;/p&gt;&lt;/blockquote&gt;

&lt;p&gt;The support for &lt;tt&gt;memberOf&lt;/tt&gt; like attributes in other directories is not compatible with the current implementation. For example, the &lt;a href=&quot;http://www.openldap.org/doc/admin24/overlays.html#Reverse%20Group%20Membership%20Maintenance&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;memberOf overlay&lt;/a&gt; available for OpenLDAP, requires the attribute to be invoked from the JNDI query. I guess we should test if that overlay works with the current OpsManager version but I would say it won&apos;t work as I can&apos;t see &lt;a href=&quot;https://github.com/10gen/mms/blob/6abf4e8c0afdaf80221356ccd5cbfccaac3b8a1b/server/src/main/com/xgen/svc/core/util/LdapUtils.java#L127-L168&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;any specific attribute specification in the LDAP search&lt;/a&gt;.&lt;/p&gt;

&lt;p&gt;The OpenLDAP behaviour is usually the same for the rest of directory implementations &lt;a href=&quot;https://docs.oracle.com/cd/E19424-01/820-4813/ismemberof-5dsat/index.html&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;as you can see in the on-line documentation from other directories&lt;/a&gt;.&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;Attribute specific to this Directory Server instance and version of the schema.&lt;/p&gt;

&lt;p&gt;Operational attribute used by the directory service; &lt;b&gt;returned in ldapsearch only when specifically requested&lt;/b&gt;.&lt;/p&gt;

&lt;p&gt;The value of this attribute may only be modified by the server.&lt;/p&gt;&lt;/blockquote&gt;

&lt;p&gt;I suggest mentioning that the only supported directory is ActiveDirectory which is supported with limitations like the lack of nested groups support.&lt;/p&gt;

&lt;p&gt;&lt;a href=&quot;https://docs.opsmanager.mongodb.com/current/tutorial/configure-for-ldap-authentication/#prerequisites&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://docs.opsmanager.mongodb.com/current/tutorial/configure-for-ldap-authentication/#prerequisites&lt;/a&gt;&lt;/p&gt;</description>
                <environment></environment>
        <key id="304059">DOCS-8426</key>
            <summary>OpsManager LDAP support clarification</summary>
                <type id="4" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14710&amp;avatarType=issuetype">Improvement</type>
                                            <priority id="2" iconUrl="https://jira.mongodb.org/images/icons/priorities/critical.svg">Critical - P2</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="9">Done</resolution>
                                        <assignee username="tony.sansone@mongodb.com">Anthony Sansone</assignee>
                                    <reporter username="ricardo.lorenzo">Ricardo Lorenzo</reporter>
                        <labels>
                    </labels>
                <created>Tue, 26 Jul 2016 13:25:14 +0000</created>
                <updated>Fri, 23 Sep 2016 18:44:35 +0000</updated>
                            <resolved>Thu, 22 Sep 2016 23:16:32 +0000</resolved>
                                                    <fixVersion>3.4.0</fixVersion>
                    <fixVersion>mongodb-3.4p1</fixVersion>
                                    <component>Ops Manager</component>
                        <due></due>
                            <votes>0</votes>
                                    <watches>4</watches>
                                                                                                                <comments>
                            <comment id="1392120" author="xgen-internal-githook" created="Fri, 23 Sep 2016 16:59:07 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{u&apos;username&apos;: u&apos;atsansone&apos;, u&apos;name&apos;: u&apos;Tony Sansone&apos;, u&apos;email&apos;: u&apos;tony.sansone@mongodb.com&apos;}
&lt;p&gt;Message: (&lt;a href=&quot;https://jira.mongodb.org/browse/DOCS-8426&quot; title=&quot;OpsManager LDAP support clarification&quot; class=&quot;issue-link&quot; data-issue-key=&quot;DOCS-8426&quot;&gt;&lt;del&gt;DOCS-8426&lt;/del&gt;&lt;/a&gt;): Added note about no nested groups in LDAP.&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/10gen/mms-docs/commit/e19e5edafc67638f45db73b7df4a9cf8ec3e669f&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/10gen/mms-docs/commit/e19e5edafc67638f45db73b7df4a9cf8ec3e669f&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="1386051" author="ricardo.lorenzo" created="Fri, 16 Sep 2016 07:44:54 +0000"  >&lt;p&gt;Thanks &lt;a href=&quot;https://jira.mongodb.org/secure/ViewProfile.jspa?name=cory.mintz&quot; class=&quot;user-hover&quot; rel=&quot;cory.mintz&quot;&gt;cory.mintz&lt;/a&gt;!. I&apos;m sorry for the delay in my answer.&lt;/p&gt;

&lt;p&gt;The workaround should work in my opinion. We can test it against OpenLDAP overlay, and it should be the same physics laws for the rest of the directories. Thanks again!&lt;/p&gt;</comment>
                            <comment id="1385349" author="cory.mintz@10gen.com" created="Thu, 15 Sep 2016 15:24:31 +0000"  >&lt;p&gt;&lt;a href=&quot;https://jira.mongodb.org/secure/ViewProfile.jspa?name=ricardo.lorenzo&quot; class=&quot;user-hover&quot; rel=&quot;ricardo.lorenzo&quot;&gt;ricardo.lorenzo&lt;/a&gt;, this is the code path you were looking for, which includes the configured group attribute.&lt;br/&gt;
&lt;a href=&quot;https://github.com/10gen/mms/blob/6abf4e8c0afdaf80221356ccd5cbfccaac3b8a1b/server/src/main/com/xgen/svc/mms/svc/user/UserSvcLdap.java#L362&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/10gen/mms/blob/6abf4e8c0afdaf80221356ccd5cbfccaac3b8a1b/server/src/main/com/xgen/svc/mms/svc/user/UserSvcLdap.java#L362&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="1385184" author="cory.mintz@10gen.com" created="Thu, 15 Sep 2016 13:41:00 +0000"  >&lt;p&gt;Ops Manager 3.4 QA is coming up soon, so I can tell you what we find in terms of the memberOf attribute being returned from OpenLDAP.&lt;/p&gt;</comment>
                            <comment id="1385180" author="cory.mintz@10gen.com" created="Thu, 15 Sep 2016 13:38:06 +0000"  >&lt;p&gt;I do not have a comprehensive list as to what directory services are supported and which aren&apos;t. To be honest I haven&apos;t used them all. I can say that when this feature was built and during QA, OpenLDAP was used. I think the point about nested groups is definitely true and should be added to the docs.&lt;/p&gt;

&lt;p&gt;cc &lt;a href=&quot;https://jira.mongodb.org/secure/ViewProfile.jspa?name=jordan.sumerlus&quot; class=&quot;user-hover&quot; rel=&quot;jordan.sumerlus&quot;&gt;jordan.sumerlus&lt;/a&gt; / &lt;a href=&quot;https://jira.mongodb.org/secure/ViewProfile.jspa?name=andrew.davidson&quot; class=&quot;user-hover&quot; rel=&quot;andrew.davidson&quot;&gt;andrew.davidson&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="1383683" author="tim.olsen@10gen.com" created="Tue, 13 Sep 2016 19:25:22 +0000"  >&lt;p&gt;I honestly have no idea.  &lt;a href=&quot;https://jira.mongodb.org/secure/ViewProfile.jspa?name=cory.mintz&quot; class=&quot;user-hover&quot; rel=&quot;cory.mintz&quot;&gt;cory.mintz&lt;/a&gt; Do you know or know someone who does?&lt;/p&gt;</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10012">
                    <name>Related</name>
                                            <outwardlinks description="related to">
                                                        </outwardlinks>
                                                        </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                <customfield id="customfield_10050" key="com.atlassian.jira.toolkit:comments">
                        <customfieldname># Replies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>6.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_10055" key="com.atlassian.jira.ext.charting:firstresponsedate">
                        <customfieldname>Date of 1st Reply</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Tue, 13 Sep 2016 17:40:18 +0000</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10052" key="com.atlassian.jira.toolkit:dayslastcommented">
                        <customfieldname>Days since reply</customfieldname>
                        <customfieldvalues>
                                        7 years, 20 weeks, 5 days ago
    
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_18254" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Dependencies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue><![CDATA[]]></customfieldvalue>


                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                            <customfield id="customfield_10857" key="com.pyxis.greenhopper.jira:gh-epic-link">
                        <customfieldname>Epic Link</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>DOCS-8729</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_10057" key="com.atlassian.jira.toolkit:lastusercommented">
                        <customfieldname>Last comment by Customer</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>true</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10056" key="com.atlassian.jira.toolkit:lastupdaterorcommenter">
                        <customfieldname>Last commenter</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>jess.mokrzecki@mongodb.com</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_11151" key="com.atlassian.jira.toolkit:LastCommentDate">
                        <customfieldname>Last public comment date</customfieldname>
                        <customfieldvalues>
                            7 years, 20 weeks, 5 days ago
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                            <customfield id="customfield_10051" key="com.atlassian.jira.toolkit:participants">
                        <customfieldname>Participants</customfieldname>
                        <customfieldvalues>
                                        <customfieldvalue>tony.sansone@mongodb.com</customfieldvalue>
            <customfieldvalue>cory.mintz@mongodb.com</customfieldvalue>
            <customfieldvalue>xgen-internal-githook</customfieldvalue>
            <customfieldvalue>ricardo.lorenzo</customfieldvalue>
            <customfieldvalue>tim.olsen@mongodb.com</customfieldvalue>
    
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                        <customfield id="customfield_14254" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Product Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|hrmmhr:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|hrcg9b:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                    <customfield id="customfield_10557" key="com.pyxis.greenhopper.jira:gh-sprint">
                        <customfieldname>Sprint</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue id="1285">Docs Q3 W8 (9/27)</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                        <customfield id="customfield_10555" key="com.atlassian.jira.plugin.system.customfieldtypes:float">
                        <customfieldname>Story Points</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>0.5</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_10053" key="com.atlassian.jira.ext.charting:timeinstatus">
                        <customfieldname>Time In Status</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_14350" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>serverRank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|hrzaqf:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                </customfields>
    </item>
</channel>
</rss>