"There are no users authenticated" even though authentication is disabled - mongodb

I just downloaded the new MongoDB 4.2.1, on Windows, and I just want to use it locally without authentication. I am able to run mongod plain and the server starts fine. I am able to connect to mongodb://localhost:27017, but when I try to do anything I get the error there are no users authenticated.
I never had this issue in previous versions, so I'm wondering if 4.2 now has new restrictions that authentication must be enabled or something. Is that the case?
Edit: This is a new fresh install of MongoDB, and I've uninstalled all other versions. I haven't changed the config. All I have done is create the C:/data/db directory.
Edit 2:
Here is my config file:
storage:
dbPath: C:\Program Files\MongoDB\Server\4.2\data
journal:
enabled: true
net:
port: 27017
bindIp: 127.0.0.1
Some more information from messing around. MongoDB Compass gives me the error immediately upon connecting. A nodejs application is able to connect but when attempting to write anything it gets the error.
However, in the mongo shell I am able to connect and make write operations with no issues.
There are no commands being logged, only the initial startup output which all seems normal.
db._adminCommand( {getCmdLineOpts: 1}) output:
{
"argv" : [
"C:\\Program Files\\MongoDB\\Server\\4.2\\bin\\mongod.exe",
"--config",
"C:\\Program Files\\MongoDB\\Server\\4.2\\bin\\mongod.cfg",
"--service"
],
"parsed" : {
"config" : "C:\\Program Files\\MongoDB\\Server\\4.2\\bin\\mongod.cfg",
"net" : {
"bindIp" : "127.0.0.1",
"port" : 27017
},
"service" : true,
"storage" : {
"dbPath" : "C:\\Program Files\\MongoDB\\Server\\4.2\\data",
"journal" : {
"enabled" : true
}
},
"systemLog" : {
"destination" : "file",
"logAppend" : true,
"path" : "C:\\Program Files\\MongoDB\\Server\\4.2\\log\\mongod.log"
}
},
"ok" : 1
}

Well, for some reason it worked when connecting to 127.0.0.1 and not localhost. Never had that before.

I'm giving this as a "response" (instead of a "comment"), just so I can format things more clearly for you.
I happen to be running MongoDB 4.2.0 on a Linux VM, with no authentication ... and no problems.
SUGGESTIONS:
Check /etc/mongod.conf (Windows equivalent), and make sure authorizationis COMPLETELY COMMENTED OUT (vs. "authorization: disabled")
Check /var/log/mongodb/mongod.log (Windows equivalent). If you find anything "significant", please copy/paste it into your post.
In "mongo", type db._adminCommand( {getCmdLineOpts: 1}) and ensure your runtime configuration settings match what you expect them to be.
Please keep us posted what you find!

Make sure you have installed mongodb

Related

show dbs gives "Not Authorized to execute command" error

I've spent some time trying to figure out what is wrong but as I could not find out, I decided to ask here.
I am running MongoDB(Windows 64-bit 2008 R2+) version 3.2.3 on Windows 8, the paths are :
C:\MongoDB\bin for the installation
C:\data\db for the data folder
I've installed following this video and this tutorial from the official documentation.
The first issue might be, as I don't really know if it is an issue at all, the connection between the client(mongo.exe) and the server(mongod.exe).
I lauched mongod.exe via the command line (with administrator rights), everything went fine, I got the message :
waiting for connections on port 27017
but when I launch mongo.exe via a new instance of the command line, the server(mongod.exe) doesn't print a message saying there is a new connection (it was the case in the tutorials I watched)
On the other side, mongo.exe prints
connecting to : test
I don't know if everything is correct at this point but I still tried some basics commands like :
show dbs returns not authorized on admin to execute command
Basically, all the commands I tried had the same error message, even with "fresh" db I just created with use 'dbName'
Some answers online said I have to create a user with proper roles, I tried this one.
Still the same error message not authorized to execute command
My question is the following :
Is is normal that mongod.exe doesn't show a new connection when I launch mongo.exe ? If it is correct then what can I do to make even the basic commands work ?
Additional Informations :
I tried to uninstall/re-install few times, with the "Custom mode" and the "Complete mode" in the Windows installer but it always lead to the same problem.
I also tried to create a MongoDB Service following the official documentation but I'm not really sure if it was a good idea. (I can't add more links but it is in a section in the second link I shared.
Edit section :
I decided to try it on another computer which I have not touched for years, running on Windows 7 64-bit.
I copied the MongoDB installation folder at the root of this computer, created \data\db folder and launched mongod.exe.
Then I launched mongo.exe and this time, mongod.exe printed a message saying there is a new open connection which it doesn't on my actual computer. I think the problem is here because I was able to start the basic tutorial from the official documentation and perform simple commands like create a new db, insert, find, show dbs, etc. Everything that I am not able to do on my actual computer.
So I think the problem is coming from the connection between mongod.exe and mongo.exe
Do you have any idea how I could solve this problem as I have tried uninstalling few times.
You should have started the mongod instance with access control, i.e., the --auth command line option, such as:
$ mongod --auth
Let's start the mongo shell, and create an administrator in the admin database:
$ mongo
> use admin
> db.createUser(
{
user: "myUserAdmin",
pwd: "abc123",
roles: [ { role: "userAdminAnyDatabase", db: "admin" } ]
}
)
Now if you run command "db.stats()", or "show users", you will get error "not authorized on admin to execute command..."
> db.stats()
{
"ok" : 0,
"errmsg" : "not authorized on admin to execute command { dbstats: 1.0, scale: undefined }",
"code" : 13,
"codeName" : "Unauthorized"
}
The reason is that you still have not granted role "read" or "readWrite" to user myUserAdmin. You can do it as below:
> db.auth("myUserAdmin", "abc123")
> db.grantRolesToUser("myUserAdmin", [ { role: "read", db: "admin" } ])
Now You can verify it (Command "show users" now works):
> show users
{
"_id" : "admin.myUserAdmin",
"user" : "myUserAdmin",
"db" : "admin",
"roles" : [
{
"role" : "read",
"db" : "admin"
},
{
"role" : "userAdminAnyDatabase",
"db" : "admin"
}
]
}
Now if you run "db.stats()", you'll also be OK:
> db.stats()
{
"db" : "admin",
"collections" : 2,
"views" : 0,
"objects" : 3,
"avgObjSize" : 151,
"dataSize" : 453,
"storageSize" : 65536,
"numExtents" : 0,
"indexes" : 3,
"indexSize" : 81920,
"ok" : 1
}
This user and role mechanism can be applied to any other databases in MongoDB as well, in addition to the admin database.
(MongoDB version 3.4.3)
one more, after you create user by following cmd-1, please assign read/write/root role to the user by cmd-2. then restart mongodb by cmd "mongod --auth".
The benefit of assign role to the user is you can do read/write operation by mongo shell or python/java and so on, otherwise you will meet "pymongo.errors.OperationFailure: not authorized" when you try to read/write your db.
cmd-1:
use admin
db.createUser({
user: "newUsername",
pwd: "password",
roles: [ { role: "userAdminAnyDatabase", db: "admin" } ]
})
cmd-2:
db.grantRolesToUser('newUsername',[{ role: "root", db: "admin" }])
Create a user like this:
db.createUser(
{
user: "myUserAdmin",
pwd: "abc123",
roles: [ { role: "userAdminAnyDatabase", db: "admin" } ]
}
)
Then connect it following this:
mongo --port 27017 -u "myUserAdmin" -p "abc123" --authenticationDatabase "admin"
Check the manual :
https://docs.mongodb.org/manual/tutorial/enable-authentication/
Copy of answer OP posted in question:
Solution
After the update from the previous edit, I looked a bit about the connection between client and server and I found out that even when mongod.exe was not running, there was still something listening on port 27017 with netstat -a
So I tried to launch the server with a random port using
[dir]mongod.exe --port 2000
Then the shell with
[dir]mongo.exe --port 2000
And this time, the server printed a message saying there is a new connection.
I typed few commands and everything was working perfectly fine, I started the basic tutorial from the documentation to check if it was ok and for now it is.
There are two things,
1) You can run the mongodb instance without username and password first.
2) Then you can add the user to the system database of the mongodb which is default one using the query below.
db.createUser({
user: "myUserAdmin",
pwd: "abc123",
roles: [ { role: "userAdminAnyDatabase", db: "admin" } ]
})
Thanks.
Try this...
use admin;
db.createUser({
user: 'admin',
pwd: 'SecurePass',
roles: [ { role: 'root', db: 'admin' } ]
});
db.auth("admin", "SecurePass");
db.grantRolesToUser('admin', [{ role: 'root', db: 'admin' }])
db.auth() before db.grantRolesToUser()
solve my problem :)
if it doesn't work try to change the role to 'readWrite'
It was Docker running in the background in my case. If you have Docker installed, you may wanna close it and try again.
for me it worked by adding
1) "You can run the mongodb instance without username and password first.---OK
2) "Then you can add the user to the system database of the mongodb which is default one using the query below".---OK
db.createUser({
user: "myUserAdmin",
pwd: "abc123",
roles: [ { role: "userAdminAnyDatabase", db: "admin" } ],
mechanisms:[ "SCRAM-SHA-1" ] // I added this line
})

MongoDb C# driver - test authentication mode

Using the C# MongoDb driver, is there a way to query a server to find out if it was started with:
mongod --auth or just mongod?
Thanks.
There is a ticket on the MongoDB tracker indicating the getCmdLineOpts command can be used to get the auth mode of the server.
db.runCommand("getCmdLineOpts")
returns
{
"argv" : [
"mongod",
"--config",
"mongodb.conf"
],
"parsed" : {
"auth" : "true",
"config" : "mongodb.conf",
...
},
"ok" : 1
}
If --auth was passed on the command line it will appear in the argv and parsed nodes; if it was set in mongodb.conf it will only appear in the parsed node.

Starting over with replica configuration in mongodb

I did a mistake when configuring replica sets in mongodb. I think that what I did wrong is that I did a rs.initialize() on both nodes, which made them confused in some way. I'm not sure.
Now all I want to do is start over, but I couldn't find a way to de-initialize a node. So I followed the advice to delete the local* db files, thus resetting the configurations. I did that, and now nothing works.
> rs.initiate()
{
"info2" : "no configuration explicitly specified -- making one",
"me" : "0.0.0.0:27017",
"errmsg" : "couldn't initiate : can't find self in the replset config",
"ok" : 0
}
> rs.conf()
null
I tried to remove and reinstall the package (I'm doing this on Ubuntu servers) which just meant that my mongodb.conf disappeared and my init script stopped working. This is of course easy enough to solve.
So how do I start over?
Note: I did look at this answer, but since rs.conf() doesn't work this doesn't work either.
You'll also get this error if your machine's hostname doesn't map back to 127.0.0.1. Update your /etc/hosts and/or your /etc/hostname, and rs.initiate() with no config should work.
If you force a reconfig with a config that you have generated, does it resolve the issue?
You could do this similar to the follow from the {{mongo}} shell:
> cfg = {
... "_id" : "rs0",
... "version" : 1,
... "members" : [
... {
... "_id" : 0,
... "host" : "0.0.0.0:27017"
... }
... ]
... }
>rs.reconfig(cfg, {force:true})
You may need to tune the cfg variable to have your hostname and portname, as the can't find self in new replset config error will be returned to the shell if the repl set can't find the node it is running from in the config.
If you just comment out bind_ip in /etc/mongod.conf this will achieve the correct result so that you can reissue a rs.initiate() command to set-up or reconfig the replica.

Need list of config servers MongoDB

I need to grab (within the C# driver for MongoDB) a list of all the config servers connected to my instance of Mongo-s. Or, failing that, I would settle for a way to grab ALL the servers and a way to go through them one by one telling which are configsvr and which are something else. I was thinking of the getShardMap command, but I still have no idea how to look at a server (programmatically) and decide if it's a configsvr or not.
Thanks.
mongos> db.runCommand("getShardMap")
{
"map" : {
"node2:27021" : "node2:27021",
"node3:27021" : "node3:27021",
"node4:27021" : "node4:27021",
"config" : "node2:27019,node3:27019,node4:27019",
"shard0000" : "node2:27021",
"shard0001" : "node3:27021",
"shard0002" : "node4:27021"
},
"ok" : 1
}
getShardMap command gives the config string that is passed to mongos server. You can parse the string to get the list of config servers.
The only way I can think of to get this info is to run the getCmdLineOpts command on a mongos and look at the --configdb argument it was passed. I'm not sure how you run admin commands in the C# driver, but I'd imagine it's something like:
db.RunCommand("getCmdLineOpts");

how can I see what ports mongo is listening on from mongo shell?

If I have a mongo instance running, how can I check what port numbers it is listening on from the shell? I thought that db.serverStatus() would do it but I don't see it. I see this
"connections" : {
"current" : 3,
"available" : 816
Which is close... but no. Suggestions? I've read the docs and can't seem to find any command that will do this.
You can do this from the Operating System shell by running:
sudo lsof -iTCP -sTCP:LISTEN | grep mongo
From the system shell you can use lsof (see Derick's answer below) or netstat -an to view what a process is actually doing. However, assuming you only have access to the mongo shell (which your question title implies), then you can run the serverCmdLineOpts() command. That output will give you all the arguments passed on the command line (argv) and the ones from the config file (parsed) and you can infer the ports mongod is listening based on that information. Here's an example:
db.serverCmdLineOpts()
{
"argv" : [
"./mongod",
"-replSet",
"test",
"--rest",
"--dbpath",
"/data/test/r1",
"--port",
"30001"
],
"parsed" : {
"dbpath" : "/data/test/r1",
"port" : 30001,
"replSet" : "test",
"rest" : true
},
"ok" : 1
}
If you have not passed specific port options like the ones above, then the mongod will be listening on 27017 and 28017 (http console) by default. Note: there are a couple of other arguments that can alter ports without being explicit, see here:
https://docs.mongodb.org/manual/reference/configuration-options/#sharding.clusterRole
Try this:
db.runCommand({whatsmyuri : 1})
It will display both the IP address and the port number.
MongoDB only listens on one port by default (27017). If the --rest interface is active, port 28017 (27017+1000) will also be open handling web requests for details.
MongoDB supports a getParameter command, but that only works if you're already connected to the Database (at which point you already know the port).
You can try, from the mongo shell:
db.getMongo()
Use this command to test that the mongo shell has a connection to the
proper database instance.
connection to <IP>:<PORT>
db.collection.explain()
For unsharded collections, explain returns the following serverInfo
information for the MongoDB instance:
"serverInfo" : {
"host" : <string>,
"port" : <int>,
"version" : <string>,
"gitVersion" : <string>
}
Default MongoDB Port