Why is that?
$ mongo admin -u admin -p password --host 192.168.99.100
MongoDB shell version: 3.2.9
connecting to: 192.168.99.100:27017/admin
> show users
{
"_id" : "admin.admin",
"user" : "admin",
"db" : "admin",
"roles" : [
{
"role" : "userAdminAnyDatabase",
"db" : "admin"
},
{
"role" : "dbAdminAnyDatabase",
"db" : "admin"
},
{
"role" : "readWriteAnyDatabase",
"db" : "admin"
}
]
}
> db^C
bye
cesco@laptop: ~/code/go/src/bitbucket.org/cescoferraro/cluster/containers on develop [!$]
$ mongo iot -u admin -p password --host 192.168.99.100
MongoDB shell version: 3.2.9
connecting to: 192.168.99.100:27017/iot
2016-09-25T22:22:36.829-0300 E QUERY [thread1] Error: Authentication failed. :
DB.prototype._authOrThrow@src/mongo/shell/db.js:1441:20
@(auth):6:1
@(auth):1:2
exception: login failed
Best Answer
Although the
admin
user you've created has global permissions through *AnyDatabase roles, the user credentials only exist in theadmin
database. As per your example, you will fail to authenticate if matching user credentials don't exist in the database you are trying to access.To authenticate with the
mongo
shell using credentials stored in a different database from the one which you are trying to access (admin
vsiot
) you can either:1) Specify the database with user credentials using
--authenticationDatabase
:2) Specify the default database as
/admin
and then change to the desired target database:The first example is the most typical approach.
NOTE: If you want to specify host and database as per the second example, you have to provide the database connection string without using the
--host
parameter.