MongoDB - admin user not authorized

Question

I am trying to add authorization to my MongoDB  I am doing all this on Linux with MongoDB 2 6 1  My mongod conf file is in the old compatibility format  this is how it came with the installation        1  I created admin user as described here in  3   http   docs mongodb org manual tutorial add-user-administrator   2  I then edited mongod conf by uncommenting this line  auth   true  3  Finally I rebooted the mongod service and I tried to login with    usr bin mongo localhost 27017 admin -u sa -p pwd  4  I can connect but it says this upon connect   MongoDB shell version  2 6 1 connecting to  localhost 27017 admin Welcome to the MongoDB shell  The current date time is  Thu May 29 2014 17 47 16 GMT-0400  EDT  Error while trying to show server startup warnings  not authorized on admin to execute command   getLog   startupWarnings      5  Now it seems this sa user I created has no permissions at all   root test02    mc MongoDB shell version  2 6 1 connecting to  localhost 27017 admin Welcome to the MongoDB shell  The current date time is  Thu May 29 2014 17 57 03 GMT-0400  EDT  Error while trying to show server startup warnings  not authorized on admin to execute command   getLog   startupWarnings     admin  2014-05-29 17 57 03 011  gt  gt  gt  use admin switched to db admin  admin  2014-05-29 17 57 07 889  gt  gt  gt  show collections 2014-05-29T17 57 10 377-0400 error              err     not authorized for query on admin system namespaces            code    13   at src mongo shell query js 131  admin  2014-05-29 17 57 10 378  gt  gt  gt  use test switched to db test  test  2014-05-29 17 57 13 466  gt  gt  gt  show collections 2014-05-29T17 57 15 930-0400 error              err     not authorized for query on test system namespaces            code    13   at src mongo shell query js 131  test  2014-05-29 17 57 15 931  gt  gt  gt    What is the problem  I repeated this whole procedure 3 times and I think I did it all as specified in the MongoDB docs  But it doesn t work  I was expecting this sa user to be authorized to do anything so that he can then create other users and give them more specific permissions

User · Answer

I know this answer is coming really late on in this thread but I hope you check it out.

The reason you get that error is based on the specific role that you granted to the user, which you have gathered by now, and yes giving that user the role root will solve your problem but you must first understand what these roles do exactly before granting them to users.

In tutorial you granted the user the userAdminAnyDatabase role which basically give the user the ability to manage users of all your databases. What you were trying to do with your user was outside its role definition.

The root role has this role included in it definition as well as the readWriteAnyDatabase, dbAdminAnyDatabase and other roles making it a superuser (basically because you can do anything with it).

You can check out the role definitions to see which roles you will need to give you users to complete certain tasks. https://docs.mongodb.com/manual/reference/built-in-roles/ Its not advisable to make all your users super ones :)

User · Answer

use mydb    db createUser    user   test   pwd   secret   roles     readWrite    dbAdmin   passwordDigestor  server

User · Answer

It s a bit confusing - I believe you will need to grant yourself readWrite to query a database  A user with dbadmin or useradmin can admin the database  including granting yourself additional rights  but cannot perform queries or write data    so grant yourself readWrite and you should be fine -   http   docs mongodb org manual reference built-in-roles  readWrite

User · Answer

I had this problem because of the hostname in my MongoDB Compass was pointing to admin instead for my project  Fixed by adding the  projectname after the hostname    Try this    Choose your project in the MongoDB atlas website Connect Connect with MongoDB Compass Download Compass Choose your OS I used Compass 1 12 or later Copy the connection string under the Compass 1 12 or later  Open MongoDB Compass Connect top left  Connect To Connection String detected Yes  Append your project name after the hostname  cluster9-foodie mongodb net projectname Connect  amp  Tested the API with POSTMAN  Succeed    Use the same connection string in your code too    Before    mongodb srv   projectname password cluster9-foodie mongodb net admin  After    mongodb srv   projectname password cluster9-foodie mongodb net projectname    Good luck

User · Answer

I was also scratching my head around the same issue  and everything worked after I set the role to be root when adding the first admin user   use admin db createUser          user   admin       pwd   password       roles      role   root   db   admin             exit    If you have already created the admin user  you can change the role like this   use admin  db grantRolesToUser  admin      role   root   db   admin        For a complete authentication setting reference  see the steps I ve compiled after hours of research over the internet

User · Answer

It s a simple question    It s important that you must switch the target db NOT admin        use yourDB    check your db authentication by       show users    If you get a    empty object that is the question  You just need to type       db createUser                  user   yourUser           pwd   password           roles     readWrite    dbAdmin                or     db grantRolesToUser  yourUser     role   dbAdmin   db   yourDB

User · Answer

For MongoDB shell version v4 2 8 I ve tried different ways to back-up my database with auth  my winner solution is mongodump -h  lt your hostname gt  -d  lt your db name gt  -u  lt your db username gt  -p  lt your db password gt  --authenticationDatabase admin -o  path to where i want

User · Answer

Perhaps a quick example of how to change a current user will be helpful to somebody  This is what I was actually looking for    Following advice of  JohnPetrone I added readWrite role to my admin user with grantRolesToUser    gt  use admin  gt  db grantRolesToUser  admin    readWrite     gt  show collections system users system version

User · Answer

In addition  notice that if your mongo shell client fails to connect correctly to the mongod instance  you can receive such  Permission Denied  errors   Make sure that your client opens a connection by checking the connection port  but also that the port you are using in mongod is not in use  You can set a different port by using the --port  lt port gt  parameter in both the shell and the process

User · Answer

You can try  Using the --authenticationDatabase flag helps   mongo --port 27017 -u  admin  -p  password  --authenticationDatabase  admin

User · Answer

I followed these steps on Centos 7 for MongoDB 4 2   Remote user  Update mongod conf file vi  etc mongod conf    net       port  27017      bindIp  0 0 0 0     security       authorization  enabled  Start MongoDB service demon systemctl start mongod  Open MongoDB shell mongo  Execute this command on the shell use admin db createUser          user   admin       pwd   YouPassforUser       roles      role   root   db   admin              Remote root user has been created  Now you can test this database connection by using any MongoDB GUI tool from your dev machine  Like Robo 3T

User · Answer

This may be because you havent set noAuth true in mongodb conf    Turn on off security   Off is currently the default noauth   true  auth   true   After setting this restart the service using  service mongod restart

User · Answer

I came across this thread with a similar issue  but my problem was that I used the collection name instead of the database name

User · Answer

Agreed that you ve to get authenticated to admin db and needs at least a role with correct privileges which would avoid  local host exception  from DB this is for mongoDB s hosted on-premises   though you ve everything in place  amp  still getting not authorized exceptions on almost every command  while accessing mongoDB which got created using Mongo Atlas  then here is the place where you might know the reason  why    https   dba stackexchange com questions 219003 not-authorized-on-admin-to-execute-command-mongodb-atlas-m0-free-tier-cluster newreg 471a9a26108243d78d4ca74a87e7a115  and also check this if you ve hosted mongoDB on mongo Atlas   https   docs atlas mongodb com unsupported-commands

User · Answer

Use Admin       use admin  Create a super user         db createUser            user   master       pwd   test 123       roles                role   readWriteAnyDatabase        db   admin                      role     dbAdminAnyDatabase        db     admin                    role     clusterAdmin        db     admin              userAdminAnyDatabase

User · Answer

I had a similar problem here on a Windows environment  I have installed Bitnami DreamFactory and it also installs another MongoDb that is started on system boot  I was running my MongoDbService  that was started without any error  but I noticed after losing a lot of time that I was in fact connecting on Bitnami s MongoDb Service  Please  take a look if there is not another instance of mongoDB running on your server   Good Luck

[mongodb] MongoDB - admin user not authorized

Examples related to mongodb

Examples related to admin