[DOCS-7457] Comment on: "manual/tutorial/enable-authentication.txt" Created: 17/Mar/16  Updated: 11/Jan/17  Resolved: 20/Sep/16

Status: Closed
Project: Documentation
Component/s: None
Affects Version/s: None
Fix Version/s: 01112017-cleanup

Type: Bug Priority: Trivial - P5
Reporter: Docs Collector User (Inactive) Assignee: Ravind Kumar (Inactive)
Resolution: Done Votes: 0
Labels: collector-298ba4e7
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Location: https://docs.mongodb.org/manual/tutorial/enable-authentication/
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:44.0) Gecko/20100101 Firefox/44.0
Referrer: https://www.google.com
Screen Resolution: 1920 x 1080
repo: docs
source: tutorial/enable-authentication


Participants:
Days since reply: 7 years, 47 weeks, 6 days ago
Story Points: 0.25

 Description   

My question is: For replica sets does --auth propogate? Can it be run on a secondary ?



 Comments   
Comment by Ravind Kumar (Inactive) [ 17/Mar/16 ]

"Hello,

The --auth parameter does not propogate.

For authentication to work on a replica set, you need to start each member of the replica set with the --auth parameter.

When you create users, you must create them on the primary member of the replica set using a localhost exception. This means running a mongo shell from the same physical machine as the target mongod process.

Once users are created on the primary, they propagate to other members in the replica set.

So users as configured on the primary propagate to the remaining members of the replica set, but --auth does not.

If you are looking into security for replica sets, we strongly encourage also exploring internal authentication via keyfile or x.509 certificates. Internal Authentication secures communication between members of a replica set or sharded cluster, and enforcing internal authentication also enforces user access control.

We have updated security documentation in the pipeline that provides better documentation of security in replica sets and sharded clusters. Consider following DOCS-6963 for updates. "

Generated at Thu Feb 08 07:54:19 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.