105

I firstly installed MongoDB 3.4.1 today. But when I start it and use MongoDB shell, it gave me these warnings below: 

C:\Users\hs>"C:\Program Files\MongoDB\Server\3.4\bin\mongo.exe
MongoDB shell version v3.4.1
connecting to: mongodb://127.0.0.1:27017
MongoDB server version: 3.4.1
Server has startup warnings:
2017-01-12T21:19:46.941+0800 I CONTROL  [initandlisten]
2017-01-12T21:19:46.942+0800 I CONTROL  [initandlisten] ** WARNING: Access control is not enabled for the database.
2017-01-12T21:19:46.942+0800 I CONTROL  [initandlisten] **          Read and write access to data and configuration is unrestricted.
2017-01-12T21:19:46.942+0800 I CONTROL  [initandlisten]

my computer is Microsoft Windows [version 10.0.14393].

Penny Liu
  • 15,447
  • 5
  • 79
  • 98
alewu
  • 1,179
  • 2
  • 8
  • 4
  • 2
    Possible duplicate of [MongoDB: Server has startup warnings](http://stackoverflow.com/questions/36660117/mongodb-server-has-startup-warnings) – Joseph Ferris Jan 12 '17 at 16:10
  • 6
    This is almost a perfect duplicate of another question. Did you happen to already have asked this last year under a different username? The only thing that is different is the username and version of Windows. See: http://stackoverflow.com/questions/36660117/mongodb-server-has-startup-warnings – Joseph Ferris Jan 12 '17 at 16:11
  • @JosephFerris, Yes, this is duplication for https://stackoverflow.com/questions/36660117/mongodb-server-has-startup-warnings and that question has closed because of this duplication. – Lakmal Vithanage Jul 19 '20 at 06:34

4 Answers4

159

Mongodb v3.4

You need to do the following to create a secure database:

Make sure the user starting the process has permissions and that the directories exist (/data/db in this case).

1) Start MongoDB without access control.

mongod --port 27017 --dbpath /data/db

2) Connect to the instance.

mongo --port 27017

3) Create the user administrator (in the admin authentication database).

use admin
db.createUser(
  {
    user: "myUserAdmin",
    pwd: "abc123",
    roles: [ { role: "userAdminAnyDatabase", db: "admin" } ]
  }
)

4) Re-start the MongoDB instance with access control.

mongod --auth --port 27017 --dbpath /data/db

5) Connect and authenticate as the user administrator.

mongo --port 27017 -u "myUserAdmin" -p "abc123" --authenticationDatabase "admin"

6) Create additional users as needed for your deployment (e.g. in the test authentication database).

use test
db.createUser(
  {
    user: "myTester",
    pwd: "xyz123",
    roles: [ { role: "readWrite", db: "test" },
             { role: "read", db: "reporting" } ]
  }
)

7) Connect and authenticate as myTester.

mongo --port 27017 -u "myTester" -p "xyz123" --authenticationDatabase "test"

I basically just explained the short version of the official docs here: https://docs.mongodb.com/master/tutorial/enable-authentication/

basickarl
  • 37,187
  • 64
  • 214
  • 335
  • 1
    I do like you said but just one problem is that this --auth have to pass every time or for one time. if everytime then how to give with service because in a server I want to like this sudo service MongoDB start? – suresh pareek Jun 20 '17 at 07:54
  • 7
    @sureshpareek You can configure this in the mongodb.conf file if you do not want to pass it everytime, more info here: https://docs.mongodb.com/manual/reference/configuration-options/#security-options – basickarl Jun 20 '17 at 08:03
  • 1
    @sureshpareek No problem man! Check here if you wanna know more about it: http://stackoverflow.com/a/42929869/1137669 I explain in in a little more detail. – basickarl Jul 29 '17 at 12:22
  • I fail in first step .I was version v3.6.5 .The same warning and it shutdown – wyx Jun 07 '18 at 07:27
  • 13
    Seriously guys... Why you don't say to enable the `security.authorization` in `mongod.conf` ?????? – John Aug 22 '18 at 09:27
  • 1
    @John because you don't need to when you have the following flag set like in the post: `mongod --auth` – basickarl Nov 01 '20 at 15:28
10

OMG, what a gas plant, that top answer!

All you need to do is to:

  1. Edit your config, e.g. C:\Program Files\MongoDB\Server\4.4\bin\mongodb.cfg
  2. Turn the security: authorization: to enabled, as illustrated; note that this sub-entry may be missing completely. Just add it then.
  3. Restart your MongoDB Server service from the Windows Services control panel.

enter image description here

Obviously, if, following this, set up a read/readWrite role-based policy, that will make much more sense.

Ref: https://docs.mongodb.com/manual/tutorial/configure-scram-client-authentication/

I've just tested this using phpunit, works as expected.

Fabien Haddadi
  • 1,814
  • 17
  • 22
0

you can create an admin user or another role. run it on mongo shell.

db.createUser({user: "username", pwd: "password", roles: ["dbAdmin"]})

if you get SCRAM-SHA-256error you can set the SHA-1 mechanism.

db.createUser({user: "username", pwd: "password", roles: ["dbAdmin"], mechanisms: ["SCRAM-SHA-1"]})
Mohammadreza Abdoli
  • 784
  • 7
  • 10
-12

You need to delete your old db folder and recreate new one. It will resolve your issue.

Parag
  • 1