
Percona MongoDB LDAP Auth


We installed Percona MongoDB according to the instructions on their website. We installed and configured LDAP (I am able to use testsaslauthd), so right now user LDAP auth works. As I try to get group authentication and authorization working, I am getting "Unrecognized option: security.ldap.bind.queryUser". This is the same mongod.conf file that works with MongoDB Enterprise. Below is an example of the security section of the conf file:

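    security:
      authorization: "enabled"
      ldap:
        servers: "ldapserver.company.com"
        # Service account used to bind and run the LDAP queries below
        bind:
          queryUser: "queryUser"
          queryPassword: "queryPassword"
        # Map the login name to a DN; {0} is the first capture group of "match"
        userToDNMapping:
          '[
             {
                match : "(.+)",
                ldapQuery: "DC=corp,DC=company,DC=com??sub?(samAccountName={0})"
             }
          ]'
        # Group lookup for authorization; {USER} is the mapped user DN
        authz:
          queryTemplate: "DC=corp,DC=company,DC=com??sub?(&(objectClass=group)(member={USER}))"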

This is not working for us. Is there a dependency that needs to be installed, or is there a special method/way that the mongod.conf needs to be written to get group auth to work, above and beyond what is needed for user auth?


Solution

  • Percona Server for MongoDB has support for LDAP Authentication, but does not yet support LDAP Authorization. We're aware of the needs for this, and it's on the roadmap, but I can't promise any delivery timeframes.

    Peter Schwaller (MongoDB PM, Percona)