The DBDirectClient class should override the auth method, and change it to uassert that it is not supported to be sure.
- is related to
SERVER-26101 DBDirectClient isn't safe to auth
- related to
SERVER-33648 Attempting to perform user- and role-management commands in db.eval() with nolock=false can lead to deadlock