[DOCS-1505] Improve "Create an Administrator with Superuser Credentials" docs Created: 13/May/13 Updated: 09/Sep/13 Resolved: 09/Sep/13 |
|
| Status: | Closed |
| Project: | Documentation |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Improvement | Priority: | Minor - P4 |
| Reporter: | Mark Helmstetter | Assignee: | Sam Kleinman (Inactive) |
| Resolution: | Won't Fix | Votes: | 0 |
| Labels: | security | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Participants: | |
| Days since reply: | 10 years, 23 weeks, 2 days ago |
| Description |
|
The recommendations on "Create an Administrator with Superuser Credentials" aren't entirely clear. Why not just create and admin / superuser that can do everything since this user can give himself those roles anyway? It seems that most users would expect to have this sort of admin user rather than and admin user that can only administer user roles. Ideally, this section would include an example (for easy copy/paste) for initializing this user. For example, this should create an admin user that has all necessary roles to do anything: db.addUser( { user: "admin", pwd: "CHANGEME", roles: [ "userAdminAnyDatabase","dbAdminAnyDatabase","readWriteAnyDatabase", "clusterAdmin"] }) |
| Comments |
| Comment by Sam Kleinman (Inactive) [ 09/Sep/13 ] |
|
Since this ticket was opened, we changed the "create a superuser" to a "create a user administrator" document, which renders this ticket moot. We wanted to avoid encouraging the practice of over-provisioning (potentially) unneeded access. |