DOCS-14151 usertodnmapping default to username transform

Author: andf-mongodb

source/reference/configuration-options.txt

@@ -3219,6 +3219,13 @@ Key Management Configuration Options
    authentication failures to the LDAP server. :binary:`~bin.mongod` or
    :binary:`~bin.mongos` rejects the connection request and does not
    check the remaining documents in the array.
+
+   Starting in MongoDB 5.0, :setting:`~security.ldap.userToDNMapping`
+   accepts an empty string ``""`` or empty array ``[ ]`` in place of a
+   mapping documnent. If providing an empty string or empty array to
+   :setting:`~security.ldap.userToDNMapping`, MongoDB will map the
+   authenticated username as the LDAP DN. Previously, providing an
+   empty mapping document would cause mapping to fail.
 
    .. example::
 

source/reference/program/mongod.txt

@@ -1245,7 +1245,14 @@ LDAP Authentication or Authorization Options
    or authentication failures to the LDAP server. :binary:`~bin.mongod`
    rejects the connection request and does not check the remaining
    documents in the array.
-   
+
+   Starting in MongoDB 5.0, :option:`--ldapUserToDNMapping`
+   accepts an empty string ``""`` or empty array ``[ ]`` in place of a
+   mapping documnent. If providing an empty string or empty array to
+   :option:`--ldapUserToDNMapping`, MongoDB will map the
+   authenticated username as the LDAP DN. Previously, providing an
+   empty mapping document would cause mapping to fail.
+
    .. example::
 
      The following shows two transformation documents. The first

source/reference/program/mongoldap.txt

@@ -534,7 +534,14 @@ Options
    or authentication failures to the LDAP server. :program:`mongoldap`
    rejects the connection request and does not check the remaining
    documents in the array.
-   
+
+   Starting in MongoDB 5.0, :option:`--ldapUserToDNMapping`
+   accepts an empty string ``""`` or empty array ``[ ]`` in place of a
+   mapping documnent. If providing an empty string or empty array to
+   :option:`--ldapUserToDNMapping`, MongoDB will map the
+   authenticated username as the LDAP DN. Previously, providing an
+   empty mapping document would cause mapping to fail.
+
    .. example::
 
      The following shows two transformation documents. The first

source/reference/program/mongos.txt

@@ -2015,7 +2015,14 @@ LDAP Authentication and Authorization Options
    or authentication failures to the LDAP server. :binary:`~bin.mongos`
    rejects the connection request and does not check the remaining
    documents in the array.
-   
+
+   Starting in MongoDB 5.0, :option:`--ldapUserToDNMapping`
+   accepts an empty string ``""`` or empty array ``[ ]`` in place of a
+   mapping documnent. If providing an empty string or empty array to
+   :option:`--ldapUserToDNMapping`, MongoDB will map the
+   authenticated username as the LDAP DN. Previously, providing an
+   empty mapping document would cause mapping to fail.
+
    .. example::
 
      The following shows two transformation documents. The first

source/release-notes/5.0.txt

@@ -417,6 +417,18 @@ readability by separating the variables from the query text.
 The :dbcommand:`update` command also has a ``c`` field to define a list
 of variables.
 
+Support for Username to LDAP DN Mapping by Default
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Starting in MongoDB 5.0, the :setting:`~security.ldap.userToDNMapping`
+configuration file option and the :option:`--ldapUserToDNMapping
+<mongod --ldapUserToDNMapping>` command line option for
+:binary:`~bin.mongod` / :binary:`~bin.mongos` and :program:`mongoldap`
+now map the authenticated username as the LDAP DN by default if an
+empty mapping document (i.e. an empty string or empty array) is
+specified to the option. Previously, providing an empty mapping document
+would cause mapping to fail.
+
 Additional ``dbStats`` Free Space Statistics
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~