2.4 Auth Documentation and Kerberos Tracking (DOCS-985)

[DOCS-1100] Document how to create & log in as user when mongod is running with Kerberos authentication Created: 07/Feb/13  Updated: 27/Feb/13  Resolved: 27/Feb/13

Status: Closed
Project: Documentation
Component/s: manual
Affects Version/s: mongodb-2.4
Fix Version/s: mongodb-2.4

Type: Sub-task Priority: Major - P3
Reporter: Mark porter Assignee: Sam Kleinman (Inactive)
Resolution: Done Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
Participants:
Days since reply: 10 years, 51 weeks ago

 Description   

So this is how I set up my users, I guess we can have this confirmed by the Kernel team before making live.

Logged onto kserver1a.realm5.10gen.me - this is the primary MongoDB server

#mongo
MongoDB shell version: 2.4.0-rc0
connecting to: test
realm5:PRIMARY> use admin
switched to db admin
realm5:PRIMARY> show collections
realm5:PRIMARY> db.system.users.insert({ roles: ["readWriteAnyDatabase", "userAdminAnyDatabase", "dbAdminAnyDatabase", "clusterAdmin"], user: "mongouser@REALM5.10GEN.ME", userSource: "$external"
... });

kclient.realm5.10gen.me : my mongo client, another instance

 

[root@ip-10-0-5-101 bin]# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: mongouser@REALM5.10GEN.ME

Valid starting Expires Service principal
02/07/13 07:02:50 02/08/13 07:02:50 krbtgt/REALM5.10GEN.ME@REALM5.10GEN.ME
renew until 02/07/13 07:02:50
[root@ip-10-0-5-101 bin]# which mongo
/usr/local/bin/mongodb/bin/mongo
[root@ip-10-0-5-101 bin]# mongo kserver1a.realm5.10gen.me
MongoDB shell version: 2.4.0-rc0
connecting to: kserver1a.realm5.10gen.me/test
Welcome to the MongoDB shell.
For interactive help, type "help".
For more comprehensive documentation, see
http://docs.mongodb.org/
Questions? Try the support group
http://groups.google.com/group/mongodb-user
Error while trying to show server startup warnings: unauthorized
> use $external
switched to db $external
> db.auth(

{ mechanism: "GSSAPI", user: "mongouser@REALM5.10GEN.ME" }

)



 Comments   
Comment by auto [ 27/Feb/13 ]

Author:

{u'date': u'2013-02-27T21:03:10Z', u'name': u'Sam Kleinman', u'email': u'samk@10gen.com'}

Message: DOCS-1100: notes about adding users with authentication.
Branch: master
https://github.com/mongodb/docs/commit/c4e3900a99c005fccb339b86501c157d598e6393

Generated at Thu Feb 08 07:40:15 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.