Why is that?
$ mongo admin -u admin -p password --host 192.168.99.100
MongoDB shell version: 3.2.9
connecting to: 192.168.99.100:27017/admin
> show users
{
"_id" : "admin.admin",
"user" : "admin",
"db" : "admin",
"roles" : [
{
"role" : "userAdminAnyDatabase",
"db" : "admin"
},
{
"role" : "dbAdminAnyDatabase",
"db" : "admin"
},
{
"role" : "readWriteAnyDatabase",
"db" : "admin"
}
]
}
> db^C
bye
cesco@laptop: ~/code/go/src/bitbucket.org/cescoferraro/cluster/containers on develop [!$]
$ mongo iot -u admin -p password --host 192.168.99.100
MongoDB shell version: 3.2.9
connecting to: 192.168.99.100:27017/iot
2016-09-25T22:22:36.829-0300 E QUERY [thread1] Error: Authentication failed. :
DB.prototype._authOrThrow@src/mongo/shell/db.js:1441:20
@(auth):6:1
@(auth):1:2
exception: login failed
Best Answer
Although the
adminuser you've created has global permissions through *AnyDatabase roles, the user credentials only exist in theadmindatabase. As per your example, you will fail to authenticate if matching user credentials don't exist in the database you are trying to access.To authenticate with the
mongoshell using credentials stored in a different database from the one which you are trying to access (adminvsiot) you can either:1) Specify the database with user credentials using
--authenticationDatabase:2) Specify the default database as
/adminand then change to the desired target database:The first example is the most typical approach.
NOTE: If you want to specify host and database as per the second example, you have to provide the database connection string without using the
--hostparameter.