We need to set the write concern when creating a user because the next thing we do is try to authenticate on all secondaries where it may not have been created yet.