MongoDB"userAdminAnyDatabase";用户不能在“任何数据库"中管理用户.为什么? [英] A MongoDB "userAdminAnyDatabase" user cannot admin users in "any database". Why?

查看:1092
本文介绍了MongoDB"userAdminAnyDatabase";用户不能在“任何数据库"中管理用户.为什么?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

这是一个userAdminuserAdminAnyDatabase的问题.

system.users中,我具有以下用户(两个用户的密码均为1234):

In the system.users I have the following users (password 1234 for both):

> db.system.users.find()
{ "_id" : ObjectId("52a976cb7851682aa44d6d4d"), "user" : "admin_one", "pwd" : "884f516cf308a4c6a75bbc5a0a00807b", "roles" : [  "userAdmin",  "dbAdmin" ] }
{ "_id" : ObjectId("52a97c697851682aa44d6d4f"), "user" : "admin_two", "pwd" : "26e7bb644e5919461cd6ba7403dc6906", "roles" : [  "userAdminAnyDatabase",  "dbAdminAnyDatabase" ] }

与错误的用户连接:

$ mongo mono -u admin -p 1234
connecting to: mono
Thu Dec 12 10:09:00.733 Error: 18 { code: 18, ok: 0.0, errmsg: "auth fails" } at src/mongo/shell/db.js:228

可以.

与数据库管理员连接:

$ mongo mono -u admin_one -p 1234
connecting to: mono
> db.system.users.find()
{ "_id" : ObjectId("52a976cb7851682aa44d6d4d"), "user" : "admin_one", "pwd" : "884f516cf308a4c6a75bbc5a0a00807b", "roles" : [  "userAdmin",  "dbAdmin" ] }
{ "_id" : ObjectId("52a97c697851682aa44d6d4f"), "user" : "admin_two", "pwd" : "26e7bb644e5919461cd6ba7403dc6906", "roles" : [  "userAdminAnyDatabase",  "dbAdminAnyDatabase" ] }

也可以.

现在,与"AnyDatabase"管理员连接时出现错误:

Now, connecting with the "AnyDatabase" admin I get an error:

$ mongo mono -u admin_two -p 1234
connecting to: mono
> db.system.users.find()
error: { "$err" : "not authorized for query on mono.system.users", "code" : 16550 }

为什么?

推荐答案

似乎您正在尝试在mono数据库而不是{{admin}}数据库上分配userAdminAnyDatabase角色. "anyDatabase"角色仅对通过admin数据库进行身份验证的用户可用.

It appears that you're attempting to allocate the userAdminAnyDatabase role on the mono database, not the the {{admin}} database. The "anyDatabase" roles are only available for users that authenticate to the admin database.

有关更多信息,请参见任何数据库角色的文档.

See the documentation of the anyDatabase Roles for more information.

这篇关于MongoDB"userAdminAnyDatabase";用户不能在“任何数据库"中管理用户.为什么?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆