Encrypt Password LDAP Query User
The LDAP Query user's password appears in plain text in mongod.config file. The ability to mask its password in automation config file using credentialstool would mitigate a security risk.
One of my clients, a large UK bank, has also highlighted this feature. They are essentially looking for a way to encrypt/hide the LDAP password from the MongoDB configuration file because of security concerns.
We have suggested using expansion directives in configuration files to load externally sourced values, or using __exec / __rest expansions, but they are concerned about the complexity of these options (and the fact that the former requires the OM app server to be always available).
More context in this case: https://mongodb--c.visualforce.com/apex/Console_CaseView?id=5002K00000saeesQAA&sfdc.override=1