Can not access other dbs for user who created as "userAdminAnyDatabase" role

Tags:

mongodb

In mongo 2.4.x, it supports a new way to create a user in the admin database. I thought the user created with the userAdminAnyDatabase role should be able to access all other databases, right?

db.addUser({user:"u", pwd:"p", roles:["userAdminAnyDatabase"]})

However, it can't do this following the doc.

When I created a user in the 2.2.x style, it works.

db.addUser("u","p")

My question is: had I mistaken the operations? If I want to create a user who can access all dbs using the 2.4.x syntax, what's the correct way? Are any other options needed?

Thanks.

Here is the detailed shell session:

➜  mgo ✗ mongo
MongoDB shell version: 2.4.5
connecting to: test
> use admin
switched to db admin
> db.addUser({user: "u", pwd: "p", roles:["userAdminAnyDatabase"]})
{
    "user" : "u",
    "pwd" : "d4198ee555320fa5c048da6d6da440d8",
    "roles" : [
        "userAdminAnyDatabase"
    ],
    "_id" : ObjectId("51dc20f0282f72950455b62e")
}
> db.auth(
Display all 170 possibilities? (y or n)
> db.auth("u","p")
1
> ^C
bye
➜  mgo ✗ mongo admin -u u -p p
MongoDB shell version: 2.4.5
connecting to: admin
> show dbs
Tue Jul  9 22:44:47.959 JavaScript execution failed: listDatabases failed:{ "ok" : 0, "errmsg" : "unauthorized" } at src/mongo/shell/mongo.js:L46
> use admin
switched to db admin
> db.addUser("uncle", "peter")
{
    "user" : "uncle",
    "readOnly" : false,
    "pwd" : "e42842e07c4fc324e9724d6aa41f6411",
    "_id" : ObjectId("51dc22456642fa58413adffc")
}
> db.auth("uncle", "peter")
1
> ^C
bye
➜  mgo ✗ mongo admin -u uncle -p peter
MongoDB shell version: 2.4.5
connecting to: admin
> show dbs
admi    (empty)
admin   0.203125GB
local   0.078125GB
qortex_global   0.203125GB
qortexprod  0.203125GB
test    (empty)
>
yeer asked Jul 09 '13 15:07


1 Answer

The documentation on userAdminAnyDatabase says (http://docs.mongodb.org/manual/reference/user-privileges/#userAdminAnyDatabase):

However, userAdminAnyDatabase and userAdmin do not explicitly authorize a user for any privileges beyond user administration.

You will also have to add the "clusterAdmin" role for the list databases command: http://docs.mongodb.org/manual/reference/user-privileges/#clusterAdmin

If you want your user to read/write from the database and collections, you will need to add another role, the "readWrite" role: http://docs.mongodb.org/manual/reference/user-privileges/#readWrite

Derick answered Nov 16 '22 03:11
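As an added example (not code from the question or the answer), the following script for the MongoDB 2.4 shell builds the addUser() document with the roles the answer names and, before creating anything, reports which of the operations the question tried are still unauthorized for a given role list. The role-to-privilege table is constructed from the answer's statements; the readWriteAnyDatabase role name is my assumption from the 2.4 role set and is not mentioned on the page.

```javascript
// Added example for the MongoDB 2.4 shell. Under node the shell-only part is
// skipped, so the helper functions can be exercised offline.
//
// Constructed mapping of 2.4 roles to the operations discussed in the answer.
// It mirrors the documentation quoted there, not the server's own checks.
var ROLE_GRANTS = {
  userAdminAnyDatabase: ["userAdmin"],       // user management only, nothing else
  clusterAdmin: ["listDatabases"],           // what `show dbs` needs
  readWrite: ["read", "write"],              // scoped to the db the user lives in
  readWriteAnyDatabase: ["read", "write"]    // assumption: the any-database variant
};

// Return the wanted operations that the given role list does NOT authorize.
function missingPrivileges(roles, wanted) {
  var granted = {};
  roles.forEach(function (role) {
    (ROLE_GRANTS[role] || []).forEach(function (p) { granted[p] = true; });
  });
  return wanted.filter(function (p) { return !granted[p]; });
}

// Build the 2.4-style document accepted by db.addUser(); the caller supplies
// the password, nothing is hashed here.
function buildUser(name, pwd, roles) {
  return { user: name, pwd: pwd, roles: roles.slice() };
}

// The user from the question: only userAdminAnyDatabase, so `show dbs` fails.
var asked = buildUser("u", "p", ["userAdminAnyDatabase"]);

// The user the answer describes: user admin plus clusterAdmin for
// listDatabases plus a read/write role for the data itself.
var fixed = buildUser("u", "p",
  ["userAdminAnyDatabase", "clusterAdmin", "readWriteAnyDatabase"]);

// Only inside the mongo shell (where `db` is defined) create the fixed user
// in the admin database, and only if the audit finds nothing missing.
if (typeof db !== "undefined" &&
    missingPrivileges(fixed.roles, ["listDatabases", "read", "write"]).length === 0) {
  db.getSiblingDB("admin").addUser(fixed);
}
```

Run it as `mongo admin audit.js` after saving it to a file; if the deployment does not need writes to every database, replace readWriteAnyDatabase with readWrite granted on the specific database, which keeps the account closer to least privilege.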