Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-10016

Can't add a shard after first user is added in auth mode

    • Type: Icon: Question Question
    • Resolution: Duplicate
    • Priority: Icon: Major - P3 Major - P3
    • None
    • Affects Version/s: 2.4.4, 2.5.0
    • Component/s: Security, Sharding
    • None
    • Environment:
      Sharded with Kerberos authentication

      When configuring a sharded cluster with authentication in localhost bypass mode, you have to add a shard before you add the first user on a database other than admin or config, or else you can't add a shard. While we are working on getting this documented, it still isn't intuitive.

      It would be better to be able to add a user, or have a user database pre-populated with a clusterAdmin level user, prior to adding shards.

      This is primarily an issue if the first user you plan to add is on the $external database, say because the user is to be authenticated via Kerberos of LDAP proxy.

            Assignee:
            spencer.jackson@mongodb.com Spencer Jackson
            Reporter:
            michael.grundy Michael Grundy
            Votes:
            1 Vote for this issue
            Watchers:
            6 Start watching this issue

              Created:
              Updated:
              Resolved: