LDAP Issue for 3.6

I'm getting Error: Authentication failed when trying to connect to my company's LDAP server when logging in. testsaslauthd works fine. Does this only work with OpenLDAP?? We installed Mongo 4.0 Enterprise and it's able to connect with the same configuration. Trying to find the difference. Can't use Percona if we can't get this to work.

Hello, we’ll need a little more info if you can.

Given you’re not using OpenLDAP, what service are you using?

Also, please let us know:
- the version of Percona Server for MongoDB you are trying to install (our latest release is 3.6) `db.version()`
- the config file
- steps being taken to install
- OS version

Thanks!

Today I was able to get 2 of the nodes in our replica set to use LDAP. Not sure why the third one is having issues because all of the mongod.conf files are the same. Also the saslauthd files are the same. It wasn't working on any of the nodes until I configured the replica set. It happened to be the 2 secondary nodes that started working. Maybe I am not creating the users correctly in the $external DB?? When the logins were copied they started working?? Since I got 2 nodes working I don't think this is an LDAP issue.

We are running RedHat 6.10.

I was not aware that 4.0 was available. Your website just goes to 3.6.

Also, what are all of the extra libraries that need to be installed to get LDAP to function? I just want to compare. I did notice that the Mongo 4.0 Enterprise version downloads the Cyrus libraries that are needed.

I may rebuild the initial server and have the replica set copy everything over.

Thanks

My apologies on the release version!! I was reading your 4.0 and thinking 3.6. Unfortunately I typed 4.0! You are correct Percona’s latest release is 3.6. More haste less speed!

I will share this post with our MongoDB team to see if they have advice to share… thanks for your patience! 🙂

It seemed like the only way I could get it to work is creating the replica set and having the sync process copy over the logins. I got the third node working by making the 2nd node the primary and completely reinstalling the first node. When I added the node back to the replica set LDAP started working. I am not sure if it's the way the LDAP accounts are created or not. All were created with `db.getSiblingDB("$external").createUser({`. Not sure if there is a specific way it needs to be done or the permission of the user to create them??

Even though I'm happy to get this working, I am pretty sure this is not the intended way. We still have a development environment that needs to use LDAP that we can't get to work.

Thanks