DOCS-15050 Add array option to queryPassword type (#491) (#609)

* Updating queryPassword type to include array

* Changing or to pipe

* DOCS-15050 Attempting includes

* DOCS-15050 Includes fix with comment tags

* DOCS-15050 Fixing syntax errors

* DOCS-15050 Working on syntax errors

* DOCS-15050 Fixed some wording

* Update source/reference/configuration-options.txt

Co-authored-by: jeff-allen-mongo <[email protected]>

* Update source/reference/configuration-options.txt

Co-authored-by: jeff-allen-mongo <[email protected]>

Co-authored-by: Ashley Brown <[email protected]>
Co-authored-by: jeff-allen-mongo <[email protected]>

Co-authored-by: Ashley Brown <[email protected]>
Co-authored-by: jeff-allen-mongo <[email protected]>

Author: 3 people

source/includes/query-password.rst

@@ -0,0 +1,91 @@
+
+.. START-CONFIG-QUERYPASSWORD
+
+*Type*: string or array
+
+*Available in MongoDB Enterprise only.*
+
+The password used to bind to an LDAP server when using
+:setting:`~security.ldap.bind.queryUser`. You must use 
+:setting:`~security.ldap.bind.queryPassword` with
+:setting:`~security.ldap.bind.queryUser`.
+
+If not set, :binary:`~bin.mongod` or :binary:`~bin.mongos` does not attempt to
+bind to the LDAP server.
+
+You can configure this setting on a running :binary:`~bin.mongod` or 
+:binary:`~bin.mongos` using :dbcommand:`setParameter`.
+
+Starting in MongoDB 4.4, the ``ldapQueryPassword``
+:dbcommand:`setParameter` command accepts either a string or 
+an array of strings. If ``ldapQueryPassword`` is set to an array, MongoDB tries
+each password in order until one succeeds. Use a password array to roll over the
+LDAP account password without downtime.
+
+.. note::
+
+    Windows MongoDB deployments can use :setting:`~security.ldap.bind.useOSDefaults`
+    instead of :setting:`~security.ldap.bind.queryUser` and 
+    :setting:`~security.ldap.bind.queryPassword`. You cannot specify both 
+    :setting:`~security.ldap.bind.queryPassword` and 
+    :setting:`~security.ldap.bind.useOSDefaults` at the same time.
+
+.. END-CONFIG-QUERYPASSWORD
+
+
+.. START-MONGOD-QUERYPASSWORD
+
+*Available in MongoDB Enterprise only.*
+
+The password used to bind to an LDAP server when using
+:option:`--ldapQueryUser`. You must use :option:`--ldapQueryPassword` with
+:option:`--ldapQueryUser`.
+
+If not set, :program:`mongod` does not attempt to bind to the LDAP server.
+
+You can configure this setting on a running :program:`mongod` using
+:dbcommand:`setParameter`.
+
+Starting in MongoDB 4.4, the ``ldapQueryPassword``
+:dbcommand:`setParameter` command accepts either a string or 
+an array of strings. If ``ldapQueryPassword`` is set to an array, MongoDB tries
+each password in order until one succeeds. Use a password array to roll over the
+LDAP account password without downtime.
+
+.. note::
+
+    Windows MongoDB deployments can use :option:`--ldapBindWithOSDefaults`
+    instead of :option:`--ldapQueryUser` and :option:`--ldapQueryPassword`. 
+    You cannot specify both :option:`--ldapQueryPassword` and 
+    :option:`--ldapBindWithOSDefaults` at the same time.
+
+.. END-MONGOD-QUERYPASSWORD
+
+
+.. START-MONGOLDAP-QUERYPASSWORD
+
+*Available in MongoDB Enterprise only.*
+
+The password used to bind to an LDAP server when using
+:option:`--ldapQueryUser`. You must use :option:`--ldapQueryPassword` with
+:option:`--ldapQueryUser`.
+
+If not set, :program:`mongoldap` does not attempt to bind to the LDAP server.
+
+You can configure this setting on a running :program:`mongoldap` using
+:dbcommand:`setParameter`.
+
+Starting in MongoDB 4.4, the ``ldapQueryPassword``
+:dbcommand:`setParameter` command accepts either a string or 
+an array of strings. If ``ldapQueryPassword`` is set to an array, MongoDB tries
+each password in order until one succeeds. Use a password array to roll over the
+LDAP account password without downtime.
+
+.. note::
+
+    Windows MongoDB deployments can use :option:`--ldapBindWithOSDefaults`
+    instead of :option:`--ldapQueryUser` and :option:`--ldapQueryPassword`. 
+    You cannot specify both :option:`--ldapQueryPassword` and 
+    :option:`--ldapBindWithOSDefaults` at the same time.
+
+.. END-MONGOLDAP-QUERYPASSWORD

source/reference/configuration-options.txt

@@ -2261,7 +2261,7 @@ Core Options
             method: <string>
             saslMechanisms: <string>
             queryUser: <string>
-            queryPassword: <string>
+            queryPassword: <string | array>
             useOSDefaults: <boolean>
          transportSecurity: <string>
          timeoutMS: <int>
@@ -2913,7 +2913,7 @@ Key Management Configuration Options
             method: <string>
             saslMechanisms: <string>
             queryUser: <string>
-            queryPassword: <string>
+            queryPassword: <string | array>
             useOSDefaults: <boolean>
          transportSecurity: <string>
          timeoutMS: <int>
@@ -2978,24 +2978,9 @@ Key Management Configuration Options
 
 .. setting:: security.ldap.bind.queryPassword
 
-   *Type*: string
-
-   .. versionadded:: 3.4 Available in MongoDB Enterprise only.
-   
-   The password used to bind to an LDAP server when using
-   :setting:`~security.ldap.bind.queryUser`. You must use :setting:`~security.ldap.bind.queryPassword` with
-   :setting:`~security.ldap.bind.queryUser`.
-   
-   If unset, :binary:`~bin.mongod` or :binary:`~bin.mongos` will not attempt to bind to the LDAP server.
-   
-   This setting can be configured on a running :binary:`~bin.mongod` or :binary:`~bin.mongos` using
-   :dbcommand:`setParameter`.
-   
-   .. note::
-   
-      Windows MongoDB deployments can use :setting:`~security.ldap.bind.useOSDefaults`
-      instead of :setting:`~security.ldap.bind.queryPassword` and :setting:`~security.ldap.bind.queryPassword`. You cannot specify
-      both :setting:`~security.ldap.bind.queryPassword` and :setting:`~security.ldap.bind.useOSDefaults` at the same time.
+   .. include:: /includes/query-password.rst
+     :start-after: START-CONFIG-QUERYPASSWORD
+     :end-before: END-CONFIG-QUERYPASSWORD
 
 
 .. setting:: security.ldap.bind.useOSDefaults

source/reference/program/mongod.txt

@@ -959,7 +959,7 @@ LDAP Authentication or Authorization Options
 
 .. option:: --ldapQueryUser <string>
 
-   .. versionadded:: 3.4 Available in MongoDB Enterprise only.
+   *Available in MongoDB Enterprise only.*
 
    The identity with which :program:`mongod` binds as, when connecting to or
    performing queries on an LDAP server.
@@ -984,30 +984,11 @@ LDAP Authentication or Authorization Options
       both :option:`--ldapQueryUser` and :option:`--ldapBindWithOSDefaults` at the same time.
 
 
-.. option:: --ldapQueryPassword <string>
+.. option:: --ldapQueryPassword <string | array>
 
-   .. versionadded:: 3.4 Available in MongoDB Enterprise only.
-   
-   The password used to bind to an LDAP server when using
-   :option:`--ldapQueryUser`. You must use :option:`--ldapQueryPassword` with
-   :option:`--ldapQueryUser`.
-   
-   If unset, :program:`mongod` will not attempt to bind to the LDAP server.
-   
-   This setting can be configured on a running :program:`mongod` using
-   :dbcommand:`setParameter`.
-
-   Starting in MongoDB 4.4, the ``ldapQueryPassword``
-   :dbcommand:`setParameter` command accepts either a string or 
-   an array of strings. If set to an array, each password is tried 
-   until one succeeds. This can be used to perform a rollover of the 
-   LDAP account password without downtime for MongoDB.
-   
-   .. note::
-   
-      Windows MongoDB deployments can use :option:`--ldapBindWithOSDefaults`
-      instead of :option:`--ldapQueryPassword` and :option:`--ldapQueryPassword`. You cannot specify
-      both :option:`--ldapQueryPassword` and :option:`--ldapBindWithOSDefaults` at the same time.
+.. include:: /includes/query-password.rst
+   :start-after: START-MONGOD-QUERYPASSWORD
+   :end-before: END-MONGOD-QUERYPASSWORD
 
 
 .. option:: --ldapBindWithOSDefaults <bool>

source/reference/program/mongoldap.txt

@@ -241,24 +241,11 @@ Options
       both :option:`--ldapQueryUser` and :option:`--ldapBindWithOSDefaults` at the same time.
 
 
-.. option:: --ldapQueryPassword=<string>
+.. option:: --ldapQueryPassword=<string | array>
 
-   .. versionadded:: 3.4 Available in MongoDB Enterprise only.
-   
-   The password used to bind to an LDAP server when using
-   :option:`--ldapQueryUser`. You must use :option:`--ldapQueryPassword` with
-   :option:`--ldapQueryUser`.
-   
-   If unset, :program:`mongoldap` will not attempt to bind to the LDAP server.
-   
-   This setting can be configured on a running :program:`mongoldap` using
-   :dbcommand:`setParameter`.
-   
-   .. note::
-   
-      Windows MongoDB deployments can use :option:`--ldapBindWithOSDefaults`
-      instead of :option:`--ldapQueryPassword` and :option:`--ldapQueryPassword`. You cannot specify
-      both :option:`--ldapQueryPassword` and :option:`--ldapBindWithOSDefaults` at the same time.
+.. include:: /includes/query-password.rst
+   :start-after: START-MONGOLDAP-QUERYPASSWORD
+   :end-before: END-MONGOLDAP-QUERYPASSWORD
 
 
 .. option:: --ldapBindWithOSDefaults=<bool>