MongoDB - admin user not authorized

Question

I am trying to add authorization to my MongoDB.

I am doing all this on Linux with MongoDB 2.6.1.

My mongod.conf file is in the old compatibility format

(this is how it came with the installation).

1) I created an admin user as described herein (3)

http://docs.mongodb.org/manual/tutorial/add-user-administrator/

2) I then edited mongod.conf by uncommenting this line

auth = true

3) Finally, I rebooted the mongod service and I tried to log in with:

/usr/bin/mongo localhost:27017/admin -u sa -p pwd

4) I can connect but it says this upon connect.

MongoDB shell version: 2.6.1 connecting to: localhost:27017/admin Welcome to the MongoDB shell! The current date/time is: Thu May 29 2014 17:47:16 GMT-0400 (EDT) Error while trying to show server startup warnings: not authorized on admin to execute command { getLog: "startupWarnings" }

5) Now it seems this sa user I created has no permissions at all.

root@test02:~# mc MongoDB shell version: 2.6.1 connecting to: localhost:27017/admin Welcome to the MongoDB shell! The current date/time is: Thu May 29 2014 17:57:03 GMT-0400 (EDT) Error while trying to show server startup warnings: not authorized on admin to execute command { getLog: "startupWarnings" } [admin] 2014-05-29 17:57:03.011 

>>> use admin switched to db admin [admin] 2014-05-29 17:57:07.889 

>>> show collections 2014-05-29T17:57:10.377-0400 error: { "$err" : "not authorized for query on admin.system.namespaces", "code" : 13 } at src/mongo/shell/query.js:131 [admin] 2014-05-29 17:57:10.378

>>> use test switched to db test [test] 2014-05-29 17:57:13.466 >>> show collections 2014-05-29T17:57:15.930-0400 error: { "$err" : "not authorized for query on test.system.namespaces", "code" : 13 } at src/mongo/shell/query.js:131 [test] 2014-05-29 17:57:15.931 

>>>

What is the problem? I repeated this procedure 3 times and

I think I did it all as specified in the MongoDB docs. But it doesn't work.

I was expecting this sa user to be authorized to do anything so that

he can then create other users and give them more specific permissions.

Answer 1

The problem was the role was not set to the root so set the role to be root when adding the first admin user.

use admin 

db.createUser( 

{ 

user: 'admin', 

pwd: 'password', 

roles: [ { role: 'root', db: 'admin' } ] 

} 

); 

exit;

If you have already created the admin user, you can change the role like this:

use admin; 

db.grantRolesToUser('admin', [{ role: 'root', db: 'admin' }]) 

Answer 2

You can try: Using the --authenticationDatabase flag helps.

mongo --port 27017 -u "admin" -p "password" --authenticationDatabase "admin"