MongoDB Enterprise for Windows does not include LDAP support for
authentication. However, MongoDB Enterprise for Linux supports using
LDAP authentication with an ActiveDirectory server.
MongoDB does not support LDAP authentication in mixed sharded
cluster deployments that contain both version 2.4 and version 2.6
shards. See Upgrade MongoDB to 2.6 for upgrade instructions.
Use secure encrypted or trusted connections between clients and the server,
as well as between saslauthd and the LDAP server. The LDAP server uses
the SASLPLAIN mechanism, sending and receiving data in plain text.
You should use only a trusted channel such as a VPN, a connection encrypted
with TLS/SSL, or a trusted wired network.
In order to authenticate a user with the LDAP authentication mechanism,
add a corresponding user to the
$external database. You do not need to save the user’s password in
The $external database is the authentication database for the LDAP user. To authenticate the LDAP
user, you must authenticate against the $external database. When
authenticating, specify PLAIN for the authentication mechanism .
LDAP authentication requires that MongoDB forward the user’s password in
plain text. As such, you must specify digestPassword set to false