I'm starting with MongoDB and I would like to user/pass access to the dbs. The first thing I did was to create and admin user and start mongodb with auth activate, this is my created user:
db.getUser("admin") { "_id" : "admin.admin", "user" : "admin", "db" : "admin", "roles" : [ { "role" : "dbAdminAnyDatabase", "db" : "admin" }, { "role" : "clusterAdmin", "db" : "admin" } ] } }
After that, I try to create users with the following commands:
use newdb db.createUser( { user: "newuser", pwd: "12345678", roles: [ { role: "readWrite", db: "newdb" } ] } )
But I got this error:
Error: couldn't add user: not authorized on newdb to execute command { createUser: "newuser", pwd: "xxx", roles: [ { role: "readWrite", db: "newdb" } ], digestPassword: false, writeConcern: { w: "majority", wtimeout: 30000.0 } } at src/mongo/shell/db.js:1004
I have googled about it but there are only two results, one on Chinese and the other not related, so I'm a little lost. Any idea ? It looks like my admin user doesn't have privilege, I access to the mongodb with the following command:
$mongo --port 27017 -u adminUser -p adminPass --authenticationDatabase admin
Thanks in advance.
Can't add user after creating admin user: createUser requires authentication. You need to authenticate with the admin user to create subsequent users. If you are trying to create your first user when authentication is enabled you need to do it using mongo on the server that mongodb is running.
How do you check if a database user exists in MongoDB? To get a list of all existing users in MongoDB, you can use the db. getUsers() method.
By default mongodb has no enabled access control, so there is no default user or password. To enable access control, use either the command line option --auth or security.
Stop the running instance of mongod mongod --config /usr/local/etc/mongod.conf --auth
then start without --auth
like mongod --config /usr/local/etc/mongod.conf
then update your roles like
db.updateUser("admin",{roles : ["userAdminAnyDatabase","userAdmin","readWrite","dbAdmin","clusterAdmin","readWriteAnyDatabase","dbAdminAnyDatabase"]});
Now again start mongod with --auth
and try.
The idea is you have to create user under "admin" database with all the ROLES mentioned above.
But this user is not part of other databases. So once you created the admin user,
then login as that admin user,
SERVER: mongod --config /usr/local/etc/mongod.conf --auth
CLIENT: ./mongodb/bin/mongo localhost:27017/admin -u adminUser -p 123456
use APPLICATION_DB
again create a new user (say APP_USER) for this APPLICATION_DB. This time for this application user you need only "dbOwner" role.
db.createUser({user:"test", pwd:"test", roles:['dbOwner']})
Now your application has to use this APP_USER and APP_DB.
I fixed the same problem just exit and login as admin
mongo -u admin
enter your admin user password
after login, create a user as usual you mentioned
use newdb db.createUser( { user: "newuser", pwd: "12345678", roles: [ { role: "readWrite", db: "newdb" } ] } )
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With