MongoDB: Server has startup warnings ''Access control is not enabled for the database''

Question

I firstly installed MongoDB 3.4.1 today. But when I start it and use MongoDB shell, it gave me these warnings below:

C:\Users\hs>"C:\Program Files\MongoDB\Server\3.4\bin\mongo.exe MongoDB shell version v3.4.1 connecting to: mongodb://127.0.0.1:27017 MongoDB server version: 3.4.1 Server has startup warnings: 2017-01-12T21:19:46.941+0800 I CONTROL  [initandlisten] 2017-01-12T21:19:46.942+0800 I CONTROL  [initandlisten] ** WARNING: Access control is not enabled for the database. 2017-01-12T21:19:46.942+0800 I CONTROL  [initandlisten] **          Read and write access to data and configuration is unrestricted. 2017-01-12T21:19:46.942+0800 I CONTROL  [initandlisten] 

my computer is Microsoft Windows [version 10.0.14393].

Answer 1

Mongodb v3.4

You need to do the following to create a secure database:

Make sure the user starting the process has permissions and that the directories exist (/data/db in this case).

1) Start MongoDB without access control.

mongod --port 27017 --dbpath /data/db 

2) Connect to the instance.

mongo --port 27017 

3) Create the user administrator (in the admin authentication database).

use admin db.createUser(   {     user: "myUserAdmin",     pwd: "abc123",     roles: [ { role: "userAdminAnyDatabase", db: "admin" } ]   } ) 

4) Re-start the MongoDB instance with access control.

mongod --auth --port 27017 --dbpath /data/db 

5) Connect and authenticate as the user administrator.

mongo --port 27017 -u "myUserAdmin" -p "abc123" --authenticationDatabase "admin" 

6) Create additional users as needed for your deployment (e.g. in the test authentication database).

use test db.createUser(   {     user: "myTester",     pwd: "xyz123",     roles: [ { role: "readWrite", db: "test" },              { role: "read", db: "reporting" } ]   } ) 

7) Connect and authenticate as myTester.

mongo --port 27017 -u "myTester" -p "xyz123" --authenticationDatabase "test" 

I basically just explained the short version of the official docs here: https://docs.mongodb.com/master/tutorial/enable-authentication/

Answer 2

OMG, what a gas plant, that top answer!

All you need to do is to:

1. Edit your config, e.g. C:\Program Files\MongoDB\Server\4.4\bin\mongodb.cfg
2. Turn the security: authorization: to enabled, as illustrated; note that this sub-entry may be missing completely. Just add it then.
3. Restart your MongoDB Server service from the Windows Services control panel.

Obviously, if, following this, set up a read/readWrite role-based policy, that will make much more sense.

Ref: https://docs.mongodb.com/manual/tutorial/configure-scram-client-authentication/

I've just tested this using phpunit, works as expected.