在本次网络研讨会中,我们将演示如何在使用LDAP身份验证的安全副本集中为MongoDB配置Percona服务器。LDAP身份验证允许您使用单个密码服务器对用户进行身份验证。仅在MongoDB Enterprise上可用,但Percona为MongoDB免费提供了此功能。
1 .
2 .● ● ● ● ● ● ● ●
3 .
4 .
5 .read readWrite dbAdmin dbOwner userAdmin clusterAdmin clusterMonitor clusterManager hostManager backup restore readAnyDatabase readWriteAnyDatabase userAdminAnyDatabase dbAdminAnyDatabase root __system
6 .use admin db.createUser({user :'admin', pwd: '123', roles : ["root"]})
7 .use admin db.createUser({user :'admin', pwd: 'mypass', roles : ["readAnyDatabase"]})
8 .
9 .db.system.users.find().pretty() { "_id" : "admin.admin", "user" : "admin", "db" : "admin", "credentials" : { "SCRAM-SHA-1" : { "iterationCount" : 10000, "salt" : "ZuACyMJlu/s0dJpFzsp70Q==", "storedKey" : "zwFmdoqRCVfirWBbR1Ow1wg+HHk=", "serverKey" : "nqXAVQxV/qCWtoh5R/g5X+Fz99A=" } }, "roles" : [ { "role" : "root", "db" : "admin" } ] }
10 .
11 .http://www.openldap.org/doc/admin22/intro.html
12 .
13 .> db.getSiblingDB(" $external").createUser({ user : 'support', roles: [ {role : "read", db: 'percona'} ] }) Successfully added user: { "user" : "support", "roles" : [ { "role" : "read", "db" : "percona" } ] }
14 .db.getSiblingDB(" $external").auth( { mechanism: "PLAIN", user: 'support', pwd: '123', digestPassword: false } )
15 .● ●
16 .● ● ● ●
17 .
18 .DATABASE PERFORMANCE MATTERS
确定删除吗?
热门城市
