Wrong auth mechanism for Mongod community.mongodb module

Hello!
Hope you are doing well!

I ran into a problem while creating a playbook for a MongoDB ReplicaSet.

To add a host to an existing replica set I'm using the "community.mongodb.mongodb_replicaset" module. If I use a local database account as the "login_user" parameter, everything works fine, but when I try to use an AD account with the "login_database" parameter set to "$external", I get the error "Unsupported mechanism 'SCRAM-SHA-1' on authentication database '$external'", even if I add the "auth_mechanism" parameter and set it to "PLAIN".
I see the same behavior when I try to use the "community.mongodb.mongodb_user" module to remove a user while logging into the database with an AD account, but with a local database account it works.

Can you please advise me what I'm doing wrong?

Thank you in advance!

---
- name: Manage MongoDB with AD Authentication
  hosts: localhost  # or your target hosts
  gather_facts: no
  tasks:
    - name: Add host to existing MongoDB ReplicaSet using AD account
      community.mongodb.mongodb_replicaset:
        login_host: "{{ mongodb_host }}"
        login_port: "{{ mongodb_port | default(27017) }}"
        login_user: "{{ ad_username }}"
        login_password: "{{ ad_password }}"
        login_database: "$external"
        auth_mechanism: "PLAIN"
        replica_set: "{{ replicaset_name }}"
        members:
          - host: "{{ new_host }}"
            priority: 0
        state: present

    - name: Remove MongoDB user using AD account
      community.mongodb.mongodb_user:
        login_host: "{{ mongodb_host }}"
        login_port: "{{ mongodb_port | default(27017) }}"
        login_user: "{{ ad_username }}"
        login_password: "{{ ad_password }}"
        login_database: "$external"
        auth_mechanism: "PLAIN"
        database: "{{ user_database }}"
        user: "{{ user_to_remove }}"
        state: absent

  vars:
    mongodb_host: "your_mongodb_server"
    mongodb_port: 27017  # if not default
    replicaset_name: "your_replicaset_name"
    ad_username: "ad_user@yourdomain.com"
    ad_password: "ad_password"
    new_host: "new_host_ip:port"
    user_database: "your_database"
    user_to_remove: "username_to_remove"