I have created an admin level user and given the dbAdminAnyDatabase, userAdminAnyDatabase, readWriteAnyDatabase permissions on the admin database as well as my other database and I can create a successful connection to the client but when I try to run a command to retreive data I get an error saying 'Command find failed: not authorized on {database} to execute command'.
Any ideas on why this isn't working?
I found an example where the user was made to have "root" access and now I can successfully query data. The question still remains why the above credentials didn't work.
Related
I have created a user and added my IP to whitelist.
when trying to connect to a cluster through mongo shell, i am required to enter the following line: mongo "mongodb+srv://cluster0.****.mongodb.net/" --username --password
I have filled in credentials for username and password and replaced dbname with my database name(tried using non-existing one as well in case that was the problem). it connects to the shell, but then crashes with the following error:
Error while trying to show server startup warnings: user is not allowed to do action [getLog] on [admin.]
MongoDB Enterprise atlas-7cwf8s-shard-0:PRIMARY>
tried googling and youtubing the issue, but cannot find the match on how to fix it.
Many thanks
That message says that the shell is unable to show you server startup warnings. It's expected in Atlas environment.
Supposing that's your own cluster, then:
Check the user in Atlas > Database Access
Check the MongoDB Roles header in the table.
If it's not atlas Admin, you can't issue this command:
db.adminCommand({getLog:"startupWarnings"})
Or any admin command, which is issued or tested automatically in the connection, hence the error.
Edit MongoDB Roles to the highest privileges (atlas Admin)
But you can still work anyways.
If you're accessing someone else's cluster, then there isn't much to do.
I am working on a project, there I need to dump a database from windows and need to restore it on a centos server.
Whenever I do that, there is some error.
Like - error reading database: (Unauthorized) not authorized on mydatabase to execute command
or
error connecting to host: could not connect to server: connection() : auth error: sasl conversation error: unable to authenticate using mechanism "SCRAM-SHA-1": (AuthenticationFailed) Authentication failed.
Both os have the same mongo version that is 4.2
How can I correct it?
The error not authorized on mydatabase to execute command indicates that either you have not authenticated, or the authenticated user has not been granted the appropriate permissions to execute that command.
Authentication failed means just that. The server side log may have more detail, like the user and database names used in the auth attempt.
To fix these, make sure:
you are providing authentication credentials
the user account you are using has already been created in the server
the user account has been granted permission for that command on the correct database/collection
The Security page in the docs might be a good place to start.
I forgot the credentials of my admin user.
Hence i am not able to connect to cluster mongo shell.
Now i want to delete all users and and credentials or even if reset of mongodb is possible then it will be a lot help.
I tried following commands but got "authentication required error".
db.createUser(), db.dropDatabase().
I expect to create new admin user with credentials.
you can do it by logging in to your Atlas Cluster here: https://www.mongodb.com. Then, on the left sidebar, you click on 'Database Access'. There you can manage the users and you can even delete them and create new ones.
I'm trying to connect to MongoDB through JDBC. The connection string is like below,
mongodb://localhost:27017/games?authSource=admin
However I'm getting the following trace:
{ "ok" : 0.0, "errmsg" : "not authorized on admin to execute command { listDatabases: 1 }", "code" : 13 }
My intention is not listing all the databases, but the user has to authenticate against admin database and can read/write on games database. What mistake I'm making here?
I want user X to authenticate against admin DB but read just games DB so not sure why it asks for listDatabase privilege.
First, I assume you are using the MongoDB Java Driver, which is actually not JDBC.
It would be helpful for you to share:
How you created your user
The Java code that you are executing
The version of mongo-java-driver and MongoDB that you are using
But based on the error, it appears that you are successfully authenticating. I strongly suspect that you are either directly calling listDatabases() or listDatabaseNames().
The other thing that does not look quite right is the fact that you are specifying authSource=admin in your MongoClientURI. But that issue should have given you an Autentication Failed error. You should be either leaving the authSource off of the connection string or specify authSource=games.
Based on what you described, when you created your user, you should have created the user in the games database (users will actually be stored in the admin database, but you would be authenticating against the games database).
I have this exception being thrown with mongodb connection
Wed May 11 10:39:33 Assertion: 10057:unauthorized for db [inbox] lock type: -1
where inbox is the database. I am using the PHP driver for the connection. The problem is I am using the admin username and password for the connection but still it is throwing unauthorized. Can you please provide some insights.
Authenticating as an admin requires you to run the authenticate command in the admin database before changing to the regular database. Authenticating your admin user from say, test will not work.
For your case, connect to admin, run authenticate as the admin user, and then get a handle on inbox. Alternately you should create a user specific to the inbox database for safety. Connecting as a superuser for an application isn't the best idea.