我试图在不使用SASLauthd的情况下配置mongoDB Enterprise。
基于Mongo文档,这似乎是一个选择,但是,我缺少了一些东西。 很可能在我的ldap Bind中,我不确定自己缺少什么。
这是我的配置文件。
net:
bindIpAll: true
port: 27018
security:
ldap:
servers: "adldap.example.com"
bind:
queryUser: "mongouser@example.com"
queryPassword: "password"
method: "simple"
userToDNMapping:
'[
{
match: "(.+)",
ldapQuery: "OU=accounts,OU=Generic,OU=mydir,DC=example,DC=com(uid={0})"
}
]'
transportSecurity: none
setParameter:
authenticationMechanisms: PLAIN
sharding:
configDB: config-server/names
systemLog:
verbosity: 0
destination: file
path: /tmp/mongos_token.log
这是我要匹配的LDAP用户
CN=mongouser,OU=accounts,OU=Generic,OU=mydir,DC=example,DC=com
这是日志语句
hard list from config server :: caused by :: command find requires authentication; will retry after 30s
2019-03-06T17:01:37.777-0500 W SHARDING [replSetDistLockPinger] pinging failed for distributed lock pinger :: caused by :: Unauthorized: command findAndModify requires authentication
2019-03-06T17:01:37.777-0500 I ACCESS [ShardRegistry] Failed to authenticate in transitionToAuth, falling back to no authentication.
2019-03-06T17:01:38.376-0500 I ASIO [ShardRegistry] Connecting to configserver1.example.com:40000
2019-03-06T17:01:38.389-0500 I ACCESS [ShardRegistry] Failed to authenticate in transitionToAuth, falling back to no authentication.
2019-03-06T17:01:39.774-0500 W SHARDING [mongosMain] Error initializing sharding state, sleeping for 2 seconds and trying again :: caused by :: Unauthorized: Error loading clusterID :: caused by :: command find requires authentication