I have a mongo db setup on mlab for use with meteor running on Galaxy. I can succesfully export from this database using mongoexport on my windows 8.1 64-bit laptop. I also want to connect with the mongo shell, but I get "not authorized" error messages, using the exact same mongo user and password.
In more detail - this works just fine, using mongoexport version r3.4.7:
mongoexport --host ds121225.mlab.com:21225 -d quarule-db01 --collection Quarule -u xxxxx -p xxxx -q "{vocabularyName: 'qre'}" --out QRE.json
while this fails:
mongo ds121225.mlab.com:21225/quarule-db01 -u xxxx -p xxxxx
MongoDB shell version v3.4.7
connecting to: mongodb://ds121225.mlab.com:21225/quarule-db01
MongoDB server version: 3.4.9
rs-ds121225:PRIMARY> show dbs
2017-10-30T19:50:37.795-0700 E QUERY [thread1] Error: listDatabases failed:{
"ok" : 0,
"errmsg" : "not authorized on admin to execute command { listDatabases: 1.0 }",
"code" : 13,
"codeName" : "Unauthorized"
} :
_getErrorWithCode#src/mongo/shell/utils.js:25:13
Mongo.prototype.getDBs#src/mongo/shell/mongo.js:62:1
shellHelper.show#src/mongo/shell/utils.js:769:19
shellHelper#src/mongo/shell/utils.js:659:15
I have checked and rechecked that I am specifying the userid and password the same way in both commands.
Why would the export succeed and the shell fail?
Related
I have taken over undocumented Mongo 4.4.8 cluster (PSA). I am trying to tidy it up and test thouroughly.
An original connection string:
MONGODB_URI=mongodb://${USER}:${PASS}#10.0.0.3:27017,10.0.0.6:27017,10.0.0.2:27017/bud?replicaSet=bud-replica&authSource=admin
I have enabled localhost and socket connection. I can log in from cmdline with
mongo -u ${USER} -p ${PASS}
MongoDB shell version v4.4.8
connecting to: mongodb://127.0.0.1:27017/?compressors=disabled&gssapiServiceName=mongodb
Implicit session: session { "id" : UUID("492e331b-417e-458a-83c7-9db6eaae0869") }
MongoDB server version: 4.4.8
I can switch db to bud and perform the queries. But if I run just
mongo
then the authentication with the same credentials does not work:
bud-replica:PRIMARY> db.auth('admin','admin');
Error: Authentication failed.
0
I tried to search for users but shows there arent any:
bud-replica:PRIMARY> db.getUsers()
[ ]
bud-replica:PRIMARY> use bud
switched to db bud
bud-replica:PRIMARY> db.getUsers()
[ ]
This is mongod.conf security part:
security:
authorization: enabled
keyFile: "/etc/bud-rs"
Finally I need to export my data before doing experiments. Though the cmd line interface looks similar, mongoexport cannot fetch the data, regardless I set user/password or skip these arguments.
mongoexport -h localhost --db=bud -u ${USER} -p ${PASS} -c=accidents --jsonArray > accidents.json
2021-08-25T19:30:30.631+0200 could not connect to server: connection() error occured during connection handshake: auth error: sasl conversation error: unable to authenticate using mechanism "SCRAM-SHA-1": (AuthenticationFailed) Authentication failed.
mongoexport -h localhost --db=bud -u ${USER} -p ${PASS} -c=accidents --jsonArray --authenticationDatabase “admin” > accidents.json
2021-08-25T19:36:18.738+0200 could not connect to server: connection() error occured during connection handshake: auth error: sasl conversation error: unable to authenticate using mechanism "SCRAM-SHA-1": (AuthenticationFailed) Authentication failed.
root#10:~# mongoexport -h localhost --db=bud -u ${USER} -p ${PASS} -c=accidents --jsonArray --authenticationDatabase “bud” > accidents.json
2021-08-25T19:38:21.174+0200 could not connect to server: connection() error occured during connection handshake: auth error: sasl conversation error: unable to authenticate using mechanism "SCRAM-SHA-1": (AuthenticationFailed) Authentication failed.
I am really confused and I failed to find a solution on Google or SO.
Second relevant question:
If I need to create new user, shall I do it on all replicas or it is automatically synchronized?
1st update
This is the workaround, but my questions are still valid. I want to understand.
root#10:~# mongoexport --db=bud -u ${USER} -p ${PASS} -c=accidents --jsonArray "mongodb://admin:admin#10.0.0.3:27017/bud?authSource=admin" > accidents.json
2021-08-25T20:46:54.777+0200 connected to: mongodb://[**REDACTED**]#10.0.0.3:27017/bud?authSource=admin
2021-08-25T20:46:55.778+0200 [........................] bud.accidents 0/4379 (0.0%)
2021-08-25T20:46:56.497+0200 [########################] bud.accidents 4379/4379 (100.0%)
2021-08-25T20:46:56.497+0200 exported 4379 records
2nd update
bud-replica:PRIMARY> use admin
bud-replica:PRIMARY> show collections
system.keys
system.users
system.version
bud-replica:PRIMARY> db.system.users.find()
{ "_id" : "admin.admin", "userId" : UUID("769e4f5c-6f46-4153-857e-47d7d8730066"), "user" : "admin", "db" : "admin", "credentials" : { "SCRAM-SHA-1" : { "iterationCount" : 10000, "salt" : "32/AP4019eome36j8n
The user credential was created in the admin database.
When connecting with the mongo shell, switch with use admin before running db.auth
The mongoexport command that worked used authSource=admin in the connection string.
Add --authenticationDatabase=admin to the other command line to direct it to use the admin database for auth as well.
whole example command as below worked for me.
Mongodb version: 5.x.x, also for Mongodb version: 8.x.x
mongodump --authenticationDatabase=admin --uri mongodb://username:password#mongodb-host/db-name?ssl=false&authSource=admin
I am trying to run some shell commands in mongo which is inside docker container.
docker exec -it mongodb_mock bash
It opens the mongo shell. but when I run any command in this it gives authentication error:
> show dbs
2018-08-28T10:12:12.755+0000 E QUERY [thread1] Error: listDatabases failed:{
"ok" : 0,
"errmsg" : "not authorized on admin to execute command { listDatabases: 1.0 }",
"code" : 13,
"codeName" : "Unauthorized"
} :
_getErrorWithCode#src/mongo/shell/utils.js:25:13
Mongo.prototype.getDBs#src/mongo/shell/mongo.js:62:1
shellHelper.show#src/mongo/shell/utils.js:781:19
shellHelper#src/mongo/shell/utils.js:671:15
#(shellhelp2):1:1
Please help.
EDIT: This db is created through mongoose/express, from another container.
first you need to authorize db with user, below is example command
use admin;
db.auth('admin','password');
then your able to run all querys. or start mongod without --auth parameter so you no need user authentication.
yes I just started to understand MongoDB. Therefore I have installed MongoDB in the folder "Program files" yesterday and tryed to figure out, how to work with it.
Today I simply tryed to start it again. But something went wrong. To understand the beginning better I deinstalled MongoDB, deleted the MongoDB, data, log folders and have installed MongoDB again direct on c:/.
Started the server:
mongod --directoryperdb --dbpath c:\mongodb\data\db --logpath c:\mongodb\log\mongo.log --logappend --auth --rest --install
Started the service:
net start MongoDB
And the Mongo shell:
mongo
Now I try "show dbs" with the following result:
>show dbs
2017-09-14T10:41:49.541+0200 E QUERY [thread1] Error: listDatabases failed:{
"ok" : 0,
"errmsg" : "not authorized on admin to execute command { listDatabases: 1.0 }",
"code" : 13,
"codeName" : "Unauthorized"
} :
_getErrorWithCode#src/mongo/shell/utils.js:25:13
Mongo.prototype.getDBs#src/mongo/shell/mongo.js:62:1
shellHelper.show#src/mongo/shell/utils.js:769:19
shellHelper#src/mongo/shell/utils.js:659:15
#(shellhelp2):1:1
More I haven't done already. What can I do to show the dbs?
Of cource, I have tryed the learnings of the following post to, without success:
show dbs gives "Not Authorized to execute command" error
Looks like you are starting the db with --auth but not connecting with username/password. If you have not created any user then remove --auth and restart db. Then you will be able to connect.
I've got multiple issues with an application which I suspect are related to permissions on the database.
Everything seems locked down however and I can't complete basic commands such as show dbs in order to troubleshoot the problems further and "see" what I'm working with. I've been stuck on this for two days now and it's really frustrating.
I've tried this both from the online console and on local terminal, both with and without user credentials supplied at login:
Online Console
Console > MongoDB Service > Deployment > Pod > mongodb-1-vs19d > Terminal:
sh-4.2$ mongo
MongoDB shell version: 2.6.9
connecting to: test
> show dbs
2016-07-13T04:33:10.809-0400 listDatabases failed:{
"ok" : 0,
"errmsg" : "not authorized on admin to execute command { listDatabases:
1.0 }",
"code" : 13
} at src/mongo/shell/mongo.js:47
Local Terminal
me#my-computer:~$ oc rsh mongodb-1-vs19d
sh-4.2$ mongo
MongoDB shell version: 2.6.9
connecting to: test
> show dbs
2016-07-13T04:35:06.449-0400 listDatabases failed:{
"ok" : 0,
"errmsg" : "not authorized on admin to execute command { listDatabases: 1.0 }",
"code" : 13
} at src/mongo/shell/mongo.js:47
Local Terminal With User Credentials
me#my-computer:~$ oc rsh mongodb-1-vs19d
sh-4.2$ mongo -u $MONGODB_USER -p $MONGODB_PASSWORD $MONGODB_DATABASE
MongoDB shell version: 2.6.9
connecting to: users
> show dbs
2016-07-13T04:51:39.127-0400 listDatabases failed:{
"ok" : 0,
"errmsg" : "not authorized on admin to execute command { listDatabases: 1.0 }",
"code" : 13
} at src/mongo/shell/mongo.js:47
Troubleshooting envars are correct:
me#my-computer:~$ oc env pods mongodb-1-vs19d --list
# pods mongodb-1-vs19d, container mongodb
MONGODB_USER=admin
MONGODB_PASSWORD=secret
MONGODB_DATABASE=users
MONGODB_ADMIN_PASSWORD=very-secret
The database was created from local terminal with:
oc new-app mongodb-persistent -p MONGODB_USER=admin,MONGODB_PASSWORD=secret,MONGODB_ADMIN_PASSWORD=very-secret
As per official docs:
https://docs.openshift.com/online/getting_started/beyond_the_basics.html#btb-provisioning-a-database
https://docs.openshift.com/online/using_images/db_images/mongodb.html#running-mongodb-commands-in-containers
It looks like you're trying to show dbs as user who has not been granted the needed role. You can try authenticating yourself as admin as follows:
mongo -u admin -p $MONGODB_ADMIN_PASSWORD admin
Then you should be able to show dbs, show users, use other databases and show users there, etc...
It's a bit confusing that your $MONGODB_USER is named admin - this regular user will have access to the $MONGODB_DATABASE. Another admin has been created by the used image most likely as well.
I need to connect to to my MongoDB remotely. So I've commented out the line bind_ip in the mongod.conf and set there also auth=true. Now I was able to connect remotely.
Then I typed following on the machine running mongodb:
use admin
db.addUser("myadmin", "mypw")
Was created successfully but now when I try to connect remotely or even on the local machine and I try to execute anything it sais: not authorized on admin to execute command
Even that I try to connect like this: mongo -u myadmin -p mypw (locally)
I get following error:
MongoDB shell version: 2.6.9
connecting to: test
2015-04-08T15:25:53.425+0200 Error: 18 { ok: 0.0, errmsg: "auth failed", code: 18 } at src/mongo/shell/db.js:1260
exception: login failed
Maybe because he tries to connect to the test db? How can I specify which db. Remotely it doesn't work with mongo --host myurl -u myadmin-p mypw
with following error:
2015-04-08T14:31:00.373+0200 E QUERY Error: 18 { ok: 0.0, errmsg: "auth failed", code: 18 }
at DB._authOrThrow (src/mongo/shell/db.js:1236:32)
at (auth):6:8
at (auth):7:2 at src/mongo/shell/db.js:1236
exception: login failed
Please try to use --authenticationDatabase while connecting to mongo shell, like in the following:
mongo -u myadmin -p mypw --authenticationDatabase admin