MongoDB and OpenLDAP

This guide shows you how to install and configure a secure OpenLDAP service on Ubuntu 18.04 running in AWS. The service supports LDAP and optionally LDAPS.

In addition we provide instructions on how to configure MongoDB Enterprise and/or MongoDB Atlas to use this LDAP service to manage user authentication and authorization.

OpenLDAP

Follow these steps to create a suitable/small AWS instance where we can deploy our OpenLDAP service.

Follow these steps to deploy a basic OpenLDAP service (LDAP only).

This LDAP server is configured with two users and two groups for demonstration purposes.

Follow these optional steps if you wish to reconfigure your LDAP server to support LDAPS. These steps are required if you plan to use your LDAP server with MongoDB Atlas (option 2 below).

Option 1 - MongoDB Enterprise

Follow these steps to install and configure a MongoDB Enterprise server to use our OpenLDAP server as an LDAP endpoint.

Option 2 - MongoDB Atlas

Follow these steps to configure MongoDB Atlas to use our OpenLDAP server as an LDAPS endpoint.

Acknowledgements & References

MongoDB Documentation References

• LDAP Proxy Authentication
• LDAP Authorization
• Configuration File Options for LDAP
• mongoldap

MongoDB Atlas Documentation References

• Set up User Authentication and Authorization with LDAP

MongoDB Blog posts

• How to Configure LDAP Authentication for MongoDB

External Guides

• OpenLDAP setup (with some minor changes, e.g. changing HDB to MDB for the olcDatabase)
• TLS setup (see the 'TLS' section)