I am trying to enable mongodb authorization on my local machine (windows 10) I do this by adding the following settings in my mongod.cfg file.
#security:
authorization: "enabled"
When I do this and try to restart mongodb server as service on windows, it crashes with this messages, windows could not start mongodb server.
I tried to start mongodb service through terminal, with following command.
net start Mongodb.
this also gives and error, with message access is denied.
NOTE: without adding authorization configuration in monogd.cfg file, server works fine.
It must be this (without hashtag and with spaces) :
security:
authorization: enabled
Related
I created some mongodb users and when I tried to enable Authorization I added this directive
security:
authorization: "enabled"
to /etc/mongod.config file, and when I restarted mongod it won't start and it exited with error.
My mongodb is version 5.x as a replicaset of three nodes.
Any thoughts?
I installed MongoDB using homebrew on my mac.
And I created admin account on my local mongodb.
Then, I added below code to my 'mongod.conf' to use authentication mode.
The code is 'security: authorization: enabled'.
systemLog:
destination: file
path: /usr/local/var/log/mongodb/mongo.log
logAppend: true
storage:
dbPath: /usr/local/var/mongodb
net:
bindIp: 127.0.0.1
security:
authorization: enabled
And I restarted MongoDB. 'brew services restart mongodb'
But whenever I start mongo shell, it still print
WARNING: Access control is not enabled for the database.
Read and write access to data and configuration is unrestricted.
And naturally it can be used without user connection.
How can I resolve this problem?
If I type
db.auth("username", "password")
It print '1'. <- authenticated.
Is it impossible to authenticate mongoDB if I use homebrew?
I don't know what I have to do anymore.
Please, Help me.
Thank you.
+ It's full log
MongoDB shell version v4.0.3
connecting to: mongodb://127.0.0.1:27017
Implicit session: session { "id" : UUID("573560e4-0a3a-472e-a94a-79b1cecab4fd") }
MongoDB server version: 4.0.3
Server has startup warnings:
2019-08-27T19:02:40.847+0900 I CONTROL [initandlisten]
2019-08-27T19:02:40.847+0900 I CONTROL [initandlisten] ** WARNING: Access control is not enabled for the database.
2019-08-27T19:02:40.847+0900 I CONTROL [initandlisten] ** Read and write access to data and configuration is unrestricted.
2019-08-27T19:02:40.847+0900 I CONTROL [initandlisten]
---
Enable MongoDB's free cloud-based monitoring service, which will then receive and display
metrics about your deployment (disk utilization, CPU, operation statistics, etc).
The monitoring data will be available on a MongoDB website with a unique URL accessible to you
and anyone you share the URL with. MongoDB may use this information to make product
improvements and to suggest MongoDB products and deployment options to you.
To enable free monitoring, run the following command: db.enableFreeMonitoring()
To permanently disable this reminder, run the following command: db.disableFreeMonitoring()
try removing the current service
enable authorization first in the config file and then run mongod daemon for the very first time.
mongo allows "localhost exception". Read about it in the documentation
then create first account with required privileges on the admin database. Make sure to include privileges of creating other users.
restart mongod daemon.
check if error goes away..
point is to enable authorization before creating any user, even before admin.
I don't see you have specified the Authentication Mechanism in config file. Please add it to your mongod config file
security:
authorization: enabled
setParameter:
authenticationMechanisms: SCRAM-SHA-1
Once the above is done, restart your mongo instance and that should work
We installed MongoDB on windows(development) version 3.4, and enabled authentication, after running the command mongod --auth, the authentication was successfully implemented.
Now on the production server that is Ubuntu 16, with MongoDb version 4.0, we made changes to the mongod.conf file as seen below and then restated the mongod service with command sudo service mongod start, but now we are not able to connect to our MongoDB Ubuntu server.
security:
authorization: "enabled"
Where did we go wrong in implementing authentication for MongoDB on Ubuntu server.
security:
authorization: "enabled"
2 possible issues here : reading the doc, i'm not sure you need to quote the enabled word.
Moreover, yaml format need to increment sub part of conf, so your conf file have to look like :
security:
authorization: enabled
But cannot really test, since i don't have any running local instance
As per my understanding when we run mongod.exe in windows , in addition to starting database server , it also sets up a basic HTTP server on port 1000 higher than the main port(in my case its default 27017)
But when I enter http://localhost:28017/ in browser, nothing gets displayed.
what needs to modified/configured to enable HTTP server?
first run it
mongod --httpinterface
then access it via http
http://localhost:28017/
I'm building a MongoDB cluster using shards of replica sets and have the first replica set setup and three config servers running (all on Linux servers) with a mongos instance running pointing to the three config servers, but when connecting to the mongos instance on the application server (on Windows Server 2012 Standard x64) via the mongo shell and issuing the sh.addShard() command as per the docs, I get the following response:
> sh.addShard("rs1/xxx:xxx")
{
"note" : "not authorized for command: addShard on database admin",
"ok" : 0,
"errmsg" : "unauthorized"
}
Does anyone know what I'm doing wrong? I'm running all Mongo instances using a keyfile for security. The keyfile is a Windows compatible one as per these docs.
My results:
If your data nodes use keyfile based authentication, all the mongod and mongos instances (data, config, etc) need to use --keyFile as well and point to an exact copy of the keyfile.
Secondly, make sure you "use admin" after connecting to config servers using mongos. If this doesn't get you there then add an admin user at the mongos prompt, authenticate with those credentials and try again.
I've since solved this. It was because authentication was enabled by virtue of the keyfile and using the localhost connection wasn't enough to authenticate. After disabling keyfile usage across the cluster, creating an admin account and using that to connect, it worked.
in addition to bisharkha's answer, here is one more clue to use keyfile.
after use admin command, also make sure you have authenticated with:
db.auth("user", "passwd")
It also can happen when you specify wrong name of your collection.