Skip to content

DOCS-9077: LDAP landing page changes #2788

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
wants to merge 1 commit into from
Closed

DOCS-9077: LDAP landing page changes #2788

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
44 changes: 34 additions & 10 deletions source/core/authentication-mechanisms-enterprise.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -37,31 +37,55 @@ For more information on Kerberos and MongoDB, see:

.. _security-auth-ldap:

LDAP Proxy Authority Authentication
-----------------------------------
LDAP Proxy Authentication
-------------------------

`MongoDB Enterprise (excluding Windows version)
`MongoDB Enterprise
<http://www.mongodb.com/products/mongodb-enterprise?jmp=docs>`_ supports
proxy authentication through a Lightweight Directory Access Protocol
(LDAP) service.

LDAP support for user authentication requires proper configuration of the
``saslauthd`` daemon process as well as the MongoDB server.
.. versionchanged:: 3.4

For more information on LDAP and MongoDB, see
MongoDB 3.4 supports using operating system libraries instead of the
`saslauthd <http://www.linuxcommand.org/man_pages/saslauthd8.html>`_
daemon, allowing MongoDB 3.4 servers running on Linux and Microsoft Windows
to connect to LDAP servers. Linux MongoDB deployments continue to support
``saslauthd``.

- :doc:`/core/security-ldap`,
Previous versions of MongoDB support authentication against an LDAP server
using simple and SASL binding via ``saslauthd``. This restricted LDAP
authentication support to only Linux MongoDB deployments.

- :doc:`/tutorial/configure-ldap-sasl-openldap` and
See :doc:`/core/security-ldap` for more information.

- :doc:`/tutorial/configure-ldap-sasl-activedirectory`.
LDAP Authorization
~~~~~~~~~~~~~~~~~~

.. versionadded:: 3.4

MongoDB Enterprise supports querying an LDAP server for the LDAP groups the
authenticated user is a member of. MongoDB maps the Distinguished Names (DN)
of each returned group to :ref:`roles <roles>` on the ``admin`` database.
MongoDB authorizes the user based on the mapped roles and their associated
privileges. See :ref:`LDAP Authorization <security-ldap-external>` for more
information.

.. seealso::

- :doc:`/core/security-ldap`,

- :doc:`/tutorial/configure-ldap-sasl-openldap` and

- :doc:`/tutorial/configure-ldap-sasl-activedirectory`.


.. class:: hidden

.. toctree::
:titlesonly:
:titlesonly:

/core/kerberos
/core/security-ldap
/core/security-ldap-external

Loading