Menu
I have existing a test server running mongodb 2.6 on ubuntu. Same version is running on my macbook. In both machines, I upgraded from mongodb 2.4 using standard upgrade mechanisms. Now I need to set up username and password based authentication
On my mac, I updated mongodb to 2.6 using brew update. I
I tried the following command on my Mac
$mongo
>db.getSiblingDatabase('admin')
>db.createUser({user:"root", pwd:"mycomplexpassword", roles:[ "userAdminAnyDatabase", "readWrite" ] } )
I got the following error
Error: couldn't add user: User and role management commands require auth data to have schema version 3 but found 1 at src/mongo/shell/db.js:1004
Hence I am unable enable auth to mongodb. How to solve the issue? Googling for the error does not seem to return anything useful right now.
PS: Should I expect the same issue to appear when I add authentication to mongodb on my servers?
981
MongoDB supports x. 509 certificate authentication for client authentication and internal authentication of the members of replica sets and sharded clusters.
Add Kerberos Principal(s) to MongoDB.Add a Kerberos principal, <username>@<KERBEROS REALM> , to MongoDB in the $external database. Specify the Kerberos realm in ALL UPPERCASE. The $external database allows exe to consult an external source (e.g. Kerberos) to authenticate.
MongoDB does not enable access control by default. You can enable authorization using the --auth or the security. authorization setting. Enabling internal authentication also enables client authorization.
The schema of db.system.users in mongodb 2.4 and 2.6 are different which caused you fail to create new user.
2.4 schema
db.system.users.find()
{
"_id" : ObjectId("53675bc48ff842a0657e25ff"),
"user" : "root",
"pwd" : "c2ff9601c8590812f0d40b9f60869679",
"roles" : [
"userAdminAnyDatabase",
"readWrite"
]
}
2.6 schema
db.system.users.find()
{
"_id" : "admin.root",
"user" : "root",
"db" : "admin",
"credentials" : {
"MONGODB-CR" : "c2ff9601c8590812f0d40b9f60869679"
},
"roles" : [
{
"role" : "userAdminAnyDatabase",
"db" : "admin"
},
{
"role" : "readWrite",
"db" : "admin"
}
]
}
I did not find an official way to convert them.
So, you may need to convert 2.4 data in db.system.users to 2.6 format manually, or drop all old users in 2.4 and recreate them in 2.6.
You can use the following command to upgrade.
db.getSiblingDB("admin").runCommand({authSchemaUpgrade: 1 });
References:
191
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
