|
So this is how I set up my users, I guess we can have this confirmed by the Kernel team before making live.
Logged onto kserver1a.realm5.10gen.me - this is the primary MongoDB server
#mongo
|
MongoDB shell version: 2.4.0-rc0
|
connecting to: test
|
realm5:PRIMARY> use admin
|
switched to db admin
|
realm5:PRIMARY> show collections
|
realm5:PRIMARY> db.system.users.insert({ roles: ["readWriteAnyDatabase", "userAdminAnyDatabase", "dbAdminAnyDatabase", "clusterAdmin"], user: "mongouser@REALM5.10GEN.ME", userSource: "$external"
|
... });
|
kclient.realm5.10gen.me : my mongo client, another instance
[root@ip-10-0-5-101 bin]# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: mongouser@REALM5.10GEN.ME
Valid starting Expires Service principal
02/07/13 07:02:50 02/08/13 07:02:50 krbtgt/REALM5.10GEN.ME@REALM5.10GEN.ME
renew until 02/07/13 07:02:50
[root@ip-10-0-5-101 bin]# which mongo
/usr/local/bin/mongodb/bin/mongo
[root@ip-10-0-5-101 bin]# mongo kserver1a.realm5.10gen.me
MongoDB shell version: 2.4.0-rc0
connecting to: kserver1a.realm5.10gen.me/test
Welcome to the MongoDB shell.
For interactive help, type "help".
For more comprehensive documentation, see
http://docs.mongodb.org/
Questions? Try the support group
http://groups.google.com/group/mongodb-user
Error while trying to show server startup warnings: unauthorized
> use $external
switched to db $external
> db.auth(
{ mechanism: "GSSAPI", user: "mongouser@REALM5.10GEN.ME" }
)
|