Skip to content

Commit 5ec5b21

Browse files
ianf-mongodbianf-mongodb
authored
DOCSP-27860 Add LDAP Auth Connection Details (#283)
* DOCSP-27860 Add LDAP Auth Connection Details * XR1 * * * * * Remove extra auth methods * * * * * * * IR * * * * * *
1 parent bc655a6 commit 5ec5b21

File tree

1 file changed

+42
-0
lines changed

1 file changed

+42
-0
lines changed

source/connect.txt

Lines changed: 42 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -122,6 +122,48 @@ option for programmatic usage of ``mongosh``, like a :driver:`driver
122122
- To provision access to a MongoDB deployment, see :manual:`Database
123123
Users </core/security-users/>`.
124124

125+
126+
Connect with LDAP
127+
~~~~~~~~~~~~~~~~~
128+
129+
To connect to a deployment using :ref:`LDAP <security-ldap>`:
130+
131+
- Set :option:`--username <mongosh --username>` to a username that
132+
respects the :setting:`security.ldap.authz.queryTemplate`, or any
133+
configured :setting:`security.ldap.userToDNMapping` template.
134+
135+
- Set :option:`--password <mongosh --password>` to the appropriate
136+
password. If you do not specify the password to the
137+
``--password`` command-line option, ``mongosh`` prompts you for
138+
the password.
139+
140+
- Set :option:`--authenticationDatabase <mongosh --authenticationDatabase>`
141+
to ``$external``.
142+
The ``$external`` argument must be placed in single quotes, not
143+
double quotes, to prevent the shell from interpreting ``$external``
144+
as a variable.
145+
146+
- Set :option:`--authenticationMechanism <mongosh --authenticationMechanism>`
147+
to ``PLAIN``.
148+
149+
.. warning::
150+
151+
When you use one-time passwords with LDAP authentication, adding
152+
the :ref:`connection string options <connections-connection-options>`
153+
``maxPoolSize=1&srvMaxHosts=1`` to your connection string is
154+
recommended to reduce the potential for connection failures.
155+
156+
Include the :option:`--host <mongosh --host>` and
157+
:option:`--port <mongosh --port>` of the MongoDB deployment, along with
158+
any other options relevant to your deployment.
159+
160+
For example, the following operation authenticates to a MongoDB
161+
deployment running with LDAP authentication and authorization:
162+
163+
.. code-block:: bash
164+
165+
mongosh --username alice@dba.example.com --password --authenticationDatabase '$external' --authenticationMechanism "PLAIN" --host "mongodb.example.com" --port 27017
166+
125167
Connect to a Replica Set
126168
~~~~~~~~~~~~~~~~~~~~~~~~
127169

0 commit comments

Comments
 (0)