I created some mongodb users and when I tried to enable Authorization I added this directive
security:
authorization: "enabled"
to /etc/mongod.config file, and when I restarted mongod it won't start and it exited with error.
My mongodb is version 5.x as a replicaset of three nodes.
Any thoughts?
Related
I have replica set of MongoDB v4.2 with 3 servers running. In my mongod.conf file, until now I have below options configured for security config section. Authorization is not enabled as per config file, but if I want to access mongo shell then I need to authenticate myself using username and password, not sure how if authorization is not enabled.
security:
keyFile: /var/lib/mongo/mongokey
Now, I want to include below 2 new fields into config file under security section. So what is difference between mongokey file provided in keyFile section and below clusterAuth keyFile or sendKeyFile values. If I use keyFile or sendKeyFile under clusterAuth, what will happen ? Mongodb documentation is not clear enough to find difference for these options.
security:
keyFile: /var/lib/mongo/mongokey
authorization: enabled
clusterAuthMode: keyFile or sendKeyFile
Declaring a keyFile enables user authentication.
Enforcing internal authentication also enforces user access control.
Update Replica Set to Keyfile Authentication
I am trying to enable mongodb authorization on my local machine (windows 10) I do this by adding the following settings in my mongod.cfg file.
#security:
authorization: "enabled"
When I do this and try to restart mongodb server as service on windows, it crashes with this messages, windows could not start mongodb server.
I tried to start mongodb service through terminal, with following command.
net start Mongodb.
this also gives and error, with message access is denied.
NOTE: without adding authorization configuration in monogd.cfg file, server works fine.
It must be this (without hashtag and with spaces) :
security:
authorization: enabled
We installed MongoDB on windows(development) version 3.4, and enabled authentication, after running the command mongod --auth, the authentication was successfully implemented.
Now on the production server that is Ubuntu 16, with MongoDb version 4.0, we made changes to the mongod.conf file as seen below and then restated the mongod service with command sudo service mongod start, but now we are not able to connect to our MongoDB Ubuntu server.
security:
authorization: "enabled"
Where did we go wrong in implementing authentication for MongoDB on Ubuntu server.
security:
authorization: "enabled"
2 possible issues here : reading the doc, i'm not sure you need to quote the enabled word.
Moreover, yaml format need to increment sub part of conf, so your conf file have to look like :
security:
authorization: enabled
But cannot really test, since i don't have any running local instance
I'm running a 3 server MongoDB replica set. I recently upgraded from 2.4 to 2.6.
On 2.4 I was able to reach the HTTP Console on all three servers, regardless of whether they were Primary or Secondary. Now with 2.6 there is a different config setting needed to enable the console.
# Disable the HTTP interface (Defaults to localhost:28017).
#nohttpinterface = true
nohttpinterface = false
If I create a completely fresh, standalone instance with 2.6, it works. However on the replica set, it does not. MongoDB is running on 27017 and I have confirmed nothing is running on 28017, so that rules out firewall issues.
Are there additional changes required to enable this feature on a replica set?
Adding
httpinterface=true
in /etc/mongod.conf enables it on http://127.0.0.1:28017
I had to add
rest=true
to enable REST interface so that commands in http console are working.
For mongodb v3.0.2 the mongod.conf is a yaml file,
you should add these two lines after net:
http.enabled: true
http.RESTInterfaceEnabled: true
my mongod.conf is
net:
bindIp: 127.0.0.1
http.enabled: true
http.RESTInterfaceEnabled: true
https://docs.mongodb.com/ecosystem/tools/http-interfaces/
HTTP Status Interface
Deprecated since version 3.2: Starting in 3.2, MongoDB deprecates the HTTP interface.
Well, restarting works with stop and start command, but I cannot seem to execute the mongodb command with --auth option.
root#random:/home/random/public_html# mongodb stop
root#random:/home/random/public_html# start mongodb --auth
start: invalid option: --auth
root#random:/home/random/public_html# start mongodb
mongodb start/running, process 29473
root#random:/home/random/public_html#
How can I start mongodb with --auth option?
Edit /etc/mongod.conf and add a line like this:
auth=true
Then:
service mongod restart
See this page for more configuration options: http://www.mongodb.org/display/DOCS/File+Based+Configuration
For MongoDB latest versions 3.x above code wont work, below code in mongod.conf if you are using mongodb 3.x
security:
authorization: enabled
If you are using MongoDB 3, setting auth = true wont work. You will instead need the following in your /etc/mongod.conf
security:
authorization: enabled
For mongodb version 3.2
this is the correct config
security:
authorization: "enabled"
in String format
Just want to supplement the answer. For MongoDB 3, the /etc/mongod.conf has changed. Either of below enable MondgoDB authorization option (--auth):
security:
keyFile: [The path to a key file]
-- or--
security:
authorization: enabled
Details can be found here
you should put the --auth option in the startup script
/etc/rc[0-6].d/mongod