MongoDB: Understand createUser and db admin MongoDB: Understand createUser and db admin shell shell

MongoDB: Understand createUser and db admin


mongodb shell authentication admin database

The admin database is a special database that you automatically have with a MongoDB instance. It contains things like the users of your databases, with roles, custom data, etc.

To create a user in the admin database, you have to temporarily disable auth on your MongoDB instance. I don't know how compose.io works specifically, but I usually modify the mongod.conf file, and comment the line auth=true.

After that, you can connect to your MongoDB shell and create a user in the admin database.

Give the user the role userAdminAnyDatabase instead of just useAdmin.

use admindb.createUser({ user:"admin", pwd: "pass", roles: [{role: "userAdminAnyDatabase", db: "admin"}] })

An user with the role userAdminAnyDatabase can manage the users of all the databases.

Now enable auth again and restart the service.

As I said, I'm not sure how compose.io actually works and how much control it gives to you. If you don't have an admin account, this should be the way to go.

By the way, I've published an article on Medium about MongoDB 3.0 auth.

mongodb shell authentication admin database

This solved my problem:

I finally got it to work on compose.io! So here it what my oplog url ended up looking like: "MONGO_OPLOG_URL": "mongodb://username:password@single.18.mongolayerhost.com:1111/local?authSource=myDB"
I keep the MONGO_URL exactly the same as the URL compose.io provides with ?replicaSet
But for the OPLOG_URL you can only use a single host, not multiple. So you have to edit the URL compose.io gives you to only have one host. And you can't end the oplog with ?replicaSet. you can only have the ?replicaSet in the MONGO_URL.

source

mongodb shell authentication admin database

Flow to set authentication :

  1. Start MongoDB without access control.

    mongod --port 27017 --dbpath /data/db1

  2. Connect to the instance.

    mongo --port 27017

  3. Create the user administrator.

use admin    db.createUser(      {        user: "myUserAdmin",        pwd: "abc123",        roles: [ { role: "userAdminAnyDatabase", db: "admin" } ]      }    )

  1. Re-start the MongoDB instance with access control.

    mongod --auth --port 27017 --dbpath /data/db1

  2. Authenticate as the user administrator.

    Start a mongo shell with the -u , -p , and the --authenticationDatabase command line options:

mongo --port 27017 -u "myUserAdmin" -p "abc123" --authenticationDatabase "admin"

An user with the role userAdminAnyDatabase can manage the users of all the databases.

For routine user creation, you must possess the following permissions:

To create a new user in a database, you must have the createUser action on that database resource.To grant roles to a user, you must have the grantRole action on the role’s database.

MongoDB stores all user information, including name, password, and the user's authentication database, in the system.users collection in the admin database.

More Details : https://docs.mongodb.com/manual/tutorial/enable-authentication/

Recent Posts
How can I color dots in a xy scatterplot according to column value?
How to update a claim in ASP.NET Identity?
What does {0} mean when initializing an object?
Accessing members of items in a JSONArray with Java
How to log SQL statements in Spring Boot?
Powershell Get-WebSite name parameter is ignored
How to detect scroll to bottom of html element
Java synchronized method
How to test controllers with CodeIgniter?
Detect Visual Composer
Matplotlib: Specify format of floats for tick labels
Rails join a list of strings with commas and "and" before the last