We have C# application which run as service and every 5 minutes pushes data to MongoDB.
Our connection string for MongoDB is (It uses Kerberose)
mongodb://svc_APP-UAT%40MYCOMPANY.COM@server-n1:27017,server-n2:27017,server-n3:27017/?ssl=true&replicaSet=RS_PROD&readPreference=primary&serverSelectionTimeoutMS=5000&connectionTimeoutMS=10000&authSource=$external&authMechanism=GSSAPI&applicationName=MY TEST APPLICATION
Application able to save data to MongoDB every 5 minutes , however intermittently we get following error and data doesn’t get save to MongoDB
MongoDB.Driver.MongoAuthenticationException: Unable to authenticate using sasl protocol mechanism GSSAPI. —> MongoDB.Driver.MongoCommandException: Command saslContinue failed: Failed to acquire LDAP group membership.
As you’re on Enterprise Advanced my first advise is open a support ticket with MongoDB Support.
I have seen this with slow or unresponsive LDAP/AD servers. You need to discuss this performance with the team responsible.
Also check if you have ldapUserCacheInvalidationInterval set on the servers this can reduce the frequency of which the group membership has to be queried from ldap in general but may not address the root cause.
Thank you Chris. We will look into to open ticket with MongoDB support
Currently we are using kerberose (just user name used in connection string) for MongoDB connectivity , will make a difference if we use LDAP (user name and password both in connection string) instead of Kerberose while initiating the connection from client app?