PHPC-45: Orchestarte PLAIN/LDAP authentication mechanism

Author: bjori

Vagrantfile

@@ -21,6 +21,7 @@ Vagrant.configure(2) do |config|
 
     mo.vm.provision "shell", path: "scripts/ubuntu/essentials.sh"
     mo.vm.provision "shell", path: "scripts/ubuntu/mongo-orchestration.sh"
+    mo.vm.provision "shell", path: "scripts/ubuntu/ldap/install.sh"
   end
 
   config.vm.define "ldap", autostart: false do |ldap|

scripts/presets/standalone-plain.json

@@ -0,0 +1,17 @@
+{
+    "name": "mongod",
+    "id" : "STANDALONE-PLAIN",
+    "auth_key": "secret",
+    "login": "root",
+    "password": "toor",
+    "procParams": {
+        "dbpath": "/tmp/standalone-plain/",
+        "ipv6": true,
+        "logappend": true,
+        "logpath": "/tmp/standalone-plain/m.log",
+        "journal": true,
+        "port": 2400,
+        "setParameter": {"enableTestCommands": 1, "saslauthdPath": "/var/run/saslauthd/mux", "authenticationMechanisms": "MONGODB-CR,PLAIN"}
+    }
+}
+

scripts/ubuntu/ldap/install.sh

@@ -0,0 +1,13 @@
+sudo apt-get -y install ldap-utils libsasl2-modules-ldap sasl2-bin
+
+# setup saslauthd
+sudo sed -i 's/MECHANISMS="pam"/MECHANISMS="ldap"/' /etc/default/saslauthd
+sudo sed -i 's/START=no/START="yes"/' /etc/default/saslauthd
+sudo cp /phongo/scripts/ubuntu/ldap/saslauthd.conf /etc/
+sudo service saslauthd restart
+
+testsaslauthd -u bugs -p password -s mongod -f /var/run/saslauthd/mux
+#Show your work!
+ldapsearch -x -LLL -b dc=10gen,dc=me
+ldapsearch -x -b '' -s base '(objectclass=*)' namingContexts
+

scripts/ubuntu/ldap/saslauthd.conf

@@ -0,0 +1,3 @@
+ldap_servers: ldap://192.168.112.20:389
+ldap_search_base: ou=Users,dc=10gen,dc=me
+ldap_filter: (uid=%u)