|
Hi Alan –
I followed the instructions in http://docs.mongodb.org/manual/tutorial/enable-authentication/ to create my siteUserAdmin user with the userAdminAnyDatabase role
> use admin
|
switched to db admin
|
> db.createUser(
|
... {
|
... user: "siteUserAdmin",
|
... pwd: "password",
|
... roles:
|
... [
|
... {
|
... role: "userAdminAnyDatabase",
|
... db: "admin"
|
... }
|
... ]
|
... }
|
... )
|
Successfully added user: {
|
"user" : "siteUserAdmin",
|
"roles" : [
|
{
|
"role" : "userAdminAnyDatabase",
|
"db" : "admin"
|
}
|
]
|
}
|
> quit()
|
Then to perform the steps in http://docs.mongodb.org/manual/tutorial/add-user-to-database/, I logged in as the newly created siteUserAdmin and was able to create the user in the page
~/Mongo $ /Users/kay/Mongo/mongodb-2.6.3/bin/mongo -u siteUserAdmin -p password --authenticationDatabase admin
|
MongoDB shell version: 2.6.3
|
connecting to: test
|
> use reporting
|
switched to db reporting
|
> db.createUser(
|
... {
|
... user: "reportsUser",
|
... pwd: "12345678",
|
... roles: [
|
... { role: "read", db: "reporting" },
|
... { role: "read", db: "products" },
|
... { role: "read", db: "sales" }
|
... ]
|
... }
|
... )
|
Successfully added user: {
|
"user" : "reportsUser",
|
"roles" : [
|
{
|
"role" : "read",
|
"db" : "reporting"
|
},
|
{
|
"role" : "read",
|
"db" : "products"
|
},
|
{
|
"role" : "read",
|
"db" : "sales"
|
}
|
]
|
}
|
|
It seems like in the CS ticket, the added user seems to need to do show collections and other actions, which the userAdminAnyDatabase role would not provide. However, userAdminAnyDatabase seems sufficient to do the next step to add users.
As such, will close the ticket.
|