Show/Hide Toolbars

MongoDB Notes

Navigation: Other Tools > Kerberos

Creating a User Principal

Scroll Prev Top Next More


This procedure describes how to create a user principal for users to log into MongoDB via the mongo program.  The process is similar to the one for creating a MongoDB service key.  However, there are some differences.  When creating a user principal:


You do not generate a keytab file.

The user principal is simpler than the service principal, consisting of a user name and a realm.




You have installed the Kerberos server on its host machine.

The client computer must have the Kerberos client software installed.

You have identified a user name and password for each user you need to support.

The user principals have not yet been created in Kerberos.


Procedure to Create a User Principal in Kerberos (Ubuntu)


1.Log onto a terminal on computer or virtual machine with Kerberos client or server installed.

2.Authenticate with Kerberos as an administrator.  The command prompts you for the password of the administrator.  Enter this password.


kinit waysys/admin@WAYSYSWEB.US.COM


3.Launch kadmin.  The command prompts you for the password of the administrator referenced in Step 2.  Enter this password.




4.At the kadmin: prompt, enter this command to create the user principal.  The command prompts you for the desired password of this new service principal.  Enter the desired password and remember it.


kadmin:  addprinc user1@WAYSYSWEB.US.COM


5.At the kadmin: prompt, enter exit to leave the kadmin program.