Delete an LDAP userToDNMapping¶

On this page

Syntax
Response Elements
Example Request
Example Response

Removes the current userToDNMapping from the LDAP configuration for an Atlas project. A userToDNMapping maps the username provided to a mongod or mongos process for authentication to an LDAP Distinguished Name (DN).

Note

Groups and projects are synonymous terms. Your {GROUP-ID} is the same as your project ID. For existing groups, your group/project ID remains the same. The resource and corresponding endpoints use the term groups.

Base URL: https://cloud.mongodb.com/api/atlas/v1.0

Syntax¶

copy

DELETE /groups/{GROUP-ID}/userSecurity

Request Path Parameters¶

Parameter	Required/Optional	Description
`GROUP-ID`	Required	Identifier for the Atlas group associated with the LDAP over TLS/SSL configuration.

Request Query Parameters¶

This endpoint may use any of the HTTP request query parameters available to all Atlas API resources. These are all optional.

Name	Type	Description	Default
`pretty`	boolean	Displays response in a prettyprint format.	`false`
`envelope`	boolean	Specifies whether or not to wrap the response in an envelope.	`false`

Request Body Parameters¶

This endpoint does not use HTTP request body parameters.

Response Elements¶

Name	Type	Description
`ldap`	document	Specifies the LDAP over TLS/SSL configuration details for an Atlas group.
`ldap.authenticationEnabled`	boolean	Specifies whether user authentication with LDAP is enabled.
`ldap.authorizationEnabled`	boolean	Specifies whether user authorization with LDAP is enabled. You cannot enable user authorization with LDAP without first enabling user authentication with LDAP.
`ldap.authzQueryTemplate`	string	The LDAP query template that Atlas executes to obtain the LDAP groups to which the authenticated user belongs. Used only for user authorization. Use the `{USER}` placeholder in the URL to substitute the authenticated username. The query is relative to the host specified with `hostname`. The formatting for the query must conform to RFC4515 and RFC 4516. If you do not provide a query template, Atlas attempts to use the default value: `{USER}?memberOf?base`.
`ldap.hostname`	string	The hostname or IP address of the LDAP server. The server must be visible to the internet or connected to your Atlas cluster with VPC Peering.
`ldap.port`	integer	The port to which the LDAP server listens for client connections.
`ldap.bindUsername`	string	The user DN that Atlas uses to connect to the LDAP server. Must be the full DN, such as `CN=BindUser,CN=Users,DC=myldapserver,DC=mycompany,DC=com`.

Example Request¶

The following example unsets the values for caCertificate and authzQueryTemplate from the current LDAP configuration:

copy

curl -X DELETE --digest -i -u "{username}:{apiKey}" \
 "https://cloud.mongodb.com/api/atlas/v1.0/groups/6b9edfc387d9d60af01e0c23/userSecurity/ldap/userToDNMapping?pretty=true"

Example Response¶

The following example response shows the remaining LDAP configuration for the Atlas project:

copy

{
  "ldap" : {
    "authenticationEnabled" : true,
    "authorizationEnabled" : true,
    "authzQueryTemplate" : "{USER}?memberOf?base",
    "bindUsername" : "CN=Administrator,CN=Users,DC=atlas-ldaps-01,DC=myteam,DC=com",
    "hostname" : "atlas-ldaps-01.ldap.myteam.com",
    "port" : 636
  }
}

← Get Current LDAP Configuration Snapshots →