Percona LDAP configuration

Hi all,

First time posting however could do with any help anyone could provide. I’ve setup percona mongodb inside a container and as part of that container i’ve also got saslauthd running. I’m able to do the testsaslauthd piece fine and it proves my connection to our AD is working fine.

The container is RHEL based and i’ve put my mongo.conf definition in /etc/sasl2/ however I’m unable to get LDAP authentication working. When i attempt with the following command:

db.getSiblingDB("$external").auth( { user : “user”, pwd : “pass”, mechanism: “PLAIN”, digestPassword: false } ) ;

I get the following error:

Error: Missing expected field “mechanism”

Despite it being referenced in the authentication string, the log file isn’t yielding anything valuable either and neither is the saslauthd log but I suspect it isn’t even getting as far as trying to talk go the saslauthd daemon.

If anyone can assist in shedding any light on this i’d be greatly appreciative.

Thanks

Just following up on my own post, i’ve resolved this myself. For anyone’s reference it requires ensuring the cyrus-sasl-plain package is present. In fairness i’ve not had much experience with sasl so i’m glad to have figured this out.

Hi Numanoids,
I have set this up on CentOS 7 and got same error message when trying to auth against OpenLDAP. The LDAP server is on local host, user openldapper was created and “testsaslauthd -u openldapper -p secret” returned Success. ldap-sample-server/ldap-sample-client test also returned success. When trying to authenticate the user, this message shows up.
Also, if I had cyrus-sase-ldap installed, starting mongod will result message “mongod: ldapdb_canonuser_plug_init() failed in sasl_canonuser_add_plugin(): invalid parameter supplied” in /var/log/messages. Do you need to install cyrus-sasl-ldap package?

Do you mind to list the files you need to create/modify?

Thanks