MongoByte MongoDB Logo

Welcome to the new MongoDB Feedback Portal!

{Improvement: "Your idea"}
We’ve upgraded our system to better capture and act on your feedback.
Your feedback is meaningful and helps us build better products.

Add new feedback Subscribe
Status Submitted
Categories Enterprise Advanced
Created by Guest
Created on Sep 17, 2020

RELATED FEEDBACK

Encrypt Password LDAP Query User

The LDAP Query user's password appears in plain text in mongod.config file. The ability to mask its password in automation config file using credentialstool would mitigate a security risk.
  • Guest
    Feb 5, 2021
    One of my clients, a large UK bank, has also highlighted this feature. They are essentially looking for a way to encrypt/hide the LDAP password from the MongoDB configuration file because of security concerns. We have suggested using expansion directives in configuration files to load externally sourced values, or using __exec / __rest expansions, but they are concerned about the complexity of these options (and the fact that the former requires the OM app server to be always available). More context in this case: https://mongodb--c.visualforce.com/apex/Console_CaseView?id=5002K00000saeesQAA&sfdc.override=1
    Reply