Delete an LDAP userToDNMapping¶

On this page

Syntax
Response Elements
Example Request
Example Response

Removes the current userToDNMapping from the LDAP configuration for an Atlas project. A userToDNMapping maps the username provided to a mongod or mongos process for authentication to an LDAP Distinguished Name (DN).

Note

Groups and projects are synonymous terms. Your {GROUP-ID} is the same as your project id. For existing groups, your group/project id remains the same. The resource and corresponding endpoints use the term groups.

Base URL: https://cloud.mongodb.com/api/atlas/v1.0

Syntax¶

copy

DELETE /groups/{GROUP-ID}/userSecurity

Request Path Parameters¶

Parameter	Required/Optional	Description
`GROUP-ID`	Required	Identifier for the Atlas group associated with the LDAP over SSL configuration.

Request Query Parameters¶

This endpoint may use any of the HTTP request query parameters available to all Atlas API resources. These are all optional.

Name	Type	Description	Default
`pretty`	boolean	Display response in a prettyprint format.	`false`
`envelope`	boolean	Specifies whether or not to wrap the response in an envelope.	`false`

Request Body Parameters¶

This endpoint does not use HTTP request body parameters.

Response Elements¶

Name	Type	Description
`ldap`	document	Specifies the LDAP over SSL configuration details for an Atlas group.
`ldap.authenticationEnabled`	boolean	Specifies whether user authentication with LDAP is enabled.
`ldap.authorizationEnabled`	boolean	Specifies whether user authorization with LDAP is enabled. You cannot enable user authorization with LDAP without first enabling user authentication with LDAP.
`ldap.authzQueryTemplate`	string	The LDAP query template that Atlas executes to obtain the LDAP groups to which the authenticated user belongs. Used only for user authorization. Use the `{USER}` placeholder in the URL to substitute the authenticated username. The query is relative to the host specified with `hostname`. The formatting for the query must conform to RFC4515 and RFC 4516. If you do not provide a query template, Atlas attempts to use the default value: `{USER}?memberOf?base`.
`ldap.hostname`	string	The hostname or IP address of the LDAP server. The server must be visible to the internet or connected to your Atlas cluster with VPC Peering.
`ldap.port`	integer	The port to which the LDAP server listens for client connections.
`ldap.bindUsername`	string	The user DN that Atlas uses to connect to the LDAP server. Must be the full DN, such as `CN=BindUser,CN=Users,DC=myldapserver,DC=mycompany,DC=com`.

Example Request¶

The following example unsets the values for caCertificate and authzQueryTemplate from the current LDAP configuration:

copy

curl -X DELETE --digest -i -u "{username}:{apiKey}" \
 "https://cloud.mongodb.com/api/atlas/v1.0/groups/6b9edfc387d9d60af01e0c23/userSecurity/ldap/userToDNMapping?pretty=true"

Example Response¶

The following example response shows the remaining LDAP configuration for the Atlas project:

copy

{
  "ldap" : {
    "authenticationEnabled" : true,
    "authorizationEnabled" : true,
    "authzQueryTemplate" : "{USER}?memberOf?base",
    "bindUsername" : "CN=Administrator,CN=Users,DC=atlas-ldaps-01,DC=myteam,DC=com",
    "hostname" : "atlas-ldaps-01.ldap.myteam.com",
    "port" : 636
  }
}

← Get Current LDAP Configuration Snapshots →