Uploaded image for project: 'Percona Server for MongoDB'
  1. Percona Server for MongoDB
  2. PSMDB-583

Detect a connection loss to LDAP server and reconnect automatically

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Done
    • Priority: Medium
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 3.6.19-7.0, 4.2.8-8, 4.0.20-13
    • Component/s: None
    • Labels:
      None

      Description

      If there were any issues with connection to LDAP server (either networking issues, or restart of LDAP server), after the connection is restored user is unable to log in to DB.

      STR:

      1) start PSMDB

      2) restart LDAP server or temporary break connection to LDAP

      3) connection to LDAP server is restored

      Actual behavior:

      User can't log in due to error 'Can't contact LDAP server', restart of PSMDB helps to resolve the issue

      Expected behavior:

      User is able to log in without restart

      Logs:

      vagrant@bionic:~$ sudo systemctl restart mongod
      vagrant@bionic:~$ sudo systemctl restart slapd
      vagrant@bionic:~$ mongo -u exttestrw@percona.com -p "password" --authenticationDatabase '$external' --authenticationMechanism 'PLAIN'
      connecting to: mongodb://127.0.0.1:27017/?authMechanism=PLAIN&authSource=%24external&compressors=disabled&gssapiServiceName=mongodb
      2020-03-04T11:30:52.719+0000 E  QUERY    [js] Error: LDAP search failed with error: Can't contact LDAP server :
      connect@src/mongo/shell/mongo.js:341:17
      @(connect):3:6
      2020-03-04T11:30:52.721+0000 F  -        [main] exception: connect failed
      2020-03-04T11:30:52.721+0000 E  -        [main] exiting with code 1
      vagrant@bionic:~$ sudo systemctl restart mongod
      vagrant@bionic:~$ mongo -u exttestrw@percona.com -p "password" --authenticationDatabase '$external' --authenticationMechanism 'PLAIN'
      connecting to: mongodb://127.0.0.1:27017/?authMechanism=PLAIN&authSource=%24external&compressors=disabled&gssapiServiceName=mongodb
      Implicit session: session { "id" : UUID("7db520bc-72a6-464c-a101-37d93886c8cc") }
      > 
      bye
      
      vagrant@bionic:~$ sudo systemctl restart mongod
      vagrant@bionic:~$ sudo iptables -A INPUT -p tcp --destination-port 389 -j DROP
      vagrant@bionic:~$ date && mongo -u exttestrw@percona.com -p "password" --authenticationDatabase '$external' --authenticationMechanism 'PLAIN'
      Wed Mar  4 11:10:41 UTC 2020
      connecting to: mongodb://127.0.0.1:27017/?authMechanism=PLAIN&authSource=%24external&compressors=disabled&gssapiServiceName=mongodb
      2020-03-04T11:26:20.685+0000 E  QUERY    [js] Error: LDAP search failed with error: Can't contact LDAP server :
      connect@src/mongo/shell/mongo.js:341:17
      @(connect):3:6
      2020-03-04T11:26:20.691+0000 F  -        [main] exception: connect failed
      2020-03-04T11:26:20.691+0000 E  -        [main] exiting with code 1
      vagrant@bionic:~$ sudo iptables -D INPUT -p tcp --destination-port 389 -j DROP
      vagrant@bionic:~$ date && mongo -u exttestrw@percona.com -p "password" --authenticationDatabase '$external' --authenticationMechanism 'PLAIN'
      Wed Mar  4 11:27:17 UTC 2020
      connecting to: mongodb://127.0.0.1:27017/?authMechanism=PLAIN&authSource=%24external&compressors=disabled&gssapiServiceName=mongodb
      2020-03-04T11:27:17.881+0000 E  QUERY    [js] Error: LDAP search failed with error: Can't contact LDAP server :
      connect@src/mongo/shell/mongo.js:341:17
      @(connect):3:6
      2020-03-04T11:27:17.883+0000 F  -        [main] exception: connect failed
      2020-03-04T11:27:17.883+0000 E  -        [main] exiting with code 1
      vagrant@bionic:~$ sudo systemctl restart mongod
      vagrant@bionic:~$ date && mongo -u exttestrw@percona.com -p "password" --authenticationDatabase '$external' --authenticationMechanism 'PLAIN'
      Wed Mar  4 11:27:33 UTC 2020
      > 
      bye
      

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              igor.solodovnikov Igor Solodovnikov
              Reporter:
              sandra.romanchenko Sandra Romanchenko
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - Not Specified
                  Not Specified
                  Logged:
                  Time Spent - 3 weeks, 5 minutes
                  3w 5m

                    Smart Checklist