Details
Critical Description
Our Native LDAP client doesn't support certificate authentication to the LDAP server.
Old saslauthd, even though was much inferior in many things, does support it via it's settings
ldap_tls_cert: cert.crt
ldap_tls_key: pkey.key
It is important for cases client would like to authenticate with remote LDAP like google GCP.
Currently we support LDAP communication unsecured, secured with Certificate validation or without. However every one of these method require username and password.
Attachments
Issue Links
| For Gerrit Dashboard: MB-40713 | ||||||
|---|---|---|---|---|---|---|
| # | Subject | Branch | Project | Status | CR | V |
| 133408,4 | MB-40713: Perform ldap sasl external bind in case of client ... | mad-hatter | ns_server | Status: MERGED | +2 | +1 |
| 133490,3 | MB-40713, CBD-3548: Rebuild Erlang with dev updates | mad-hatter | tlm | Status: MERGED | +2 | +1 |
| 136665,1 | Merge remote-tracking branch 'couchbase/mad-hatter' | master | ns_server | Status: MERGED | +2 | +1 |
| 140963,1 | Merge remote-tracking branch 'origin/mad-hatter' | master | tlm | Status: MERGED | +2 | +1 |