Chapter 1: The Mongod - Lab: Creating First Application User

Mahantesh_Angadi · December 13, 2020, 10:59pm

Hi,

This is my mongod.conf
storage:
dbPath: /var/mongodb/db
net:
bindIp: localhost
port: 27000
security:
authorization: enabled
systemLog:
destination: file
path: /var/mongodb/logs/mongod.log
logAppend: true

My mongod command is:
bash-4.4# mongod -f mongod.conf

My mongo shell command is
bash-4.4# mongo m103-admin --host localhost:27000

Coonected to admin

use admin
switched to db admin

Trying to create a user with the command:

db.createUser(
… { user: “m103-application-user”,
… pwd: “m103-application-pass”,
… roles: [ { db: “applicationData”, role: “dbAdmin” } ]
… }
… )

But it is giving authentication error:
2020-12-13T22:50:25.170+0000 E QUERY [js] Error: couldn’t add user: command createUser requires authentication :
_getErrorWithCode@src/mongo/shell/utils.js:25:13
DB.prototype.createUser@src/mongo/shell/db.js:1491:15
@(shell):1:1

Could you please advise - what authentication it requires and I am missing?

Regards,
Mahantesh

Santiago_Miranda · December 14, 2020, 1:38am

mongo m103-admin --host localhost:27000

this command connects to m103-admin database. Try connecting again and running db to test.

The user needs to authenticate in order for the permissions to be set. Either

use admin
db.auth({user:"m103-admin", pwd:"I dont remember, password"})

Or

mongo  --port 27000 -u m103-admin -p --authenticationDatabase admin

This will prompt you for the password, so it’s not stored in the terminal’s history.

You can also omit --authenticationDatabase admin, and it will authenticate to admin by default (test, I may be wrong).

Mahantesh_Angadi · December 15, 2020, 3:20pm

Hi Santiago,
Thanks for your response
I tried all the following 5 forms of the command

mongo --port 27000 -u “m103-admin” -p “m103-admin” -authenticationDatabase “admin”
mongo --port 27000 -u “m103-admin” -p “m103-admin” --authenticationDatabase “admin”
mongo --port 27000 -u m103-admin -p m103-admin -authenticationDatabase admin
mongo --port 27000 -u m103-admin -p m103-admin --authenticationDatabase admin
mongo --port 27000 -u m103-admin -p --authenticationDatabase admin

it is giving the same error - Authentication failed as shown below
MongoDB shell version v4.0.5
Enter password:
connecting to: mongodb://127.0.0.1:27000/?authSource=admin&gssapiServiceName=mongodb
2020-12-15T15:13:32.344+0000 E QUERY [js] Error: Authentication failed. :
connect@src/mongo/shell/mongo.js:328:13
@(connect):1:6
exception: connect failed

Following is my mongod.conf
storage:
dbPath: /var/mongodb/db
net:
bindIp: localhost
port: 27000
security:
authorization: enabled
systemLog:
destination: file
path: /var/mongodb/logs/mongod.log
logAppend: true

What is going wrong could you please advise?

Regards,
Mahantesh

steevej · December 15, 2020, 3:29pm

You have the wrong password.

The password is m103-pass.

Mahantesh_Angadi · December 15, 2020, 4:24pm

Hi Steevej,

Thanks for your response.

Yes, it was my mistake of not giving an attention to it. It worked but based on the following lab instructions:

Use the db.createUser() command to create a user for a CRUD application.

The requirements for this new user are:

Role: readWrite on applicationData database
Authentication source: admin
Username: m103-application-user
Password: m103-application-pass

I have tried to execute the following createUser & grantRolesToUser commands.
db.createUser(
{ user: “m103-application-user”,
pwd: “m103-application-pass”,
roles: [ { db: “admin”, role: “dbAdmin” } ]
}
)

db.grantRolesToUser( “m103-application-user”, [ { db: “applicationData”, role: “dbOwner” } ] )

When I press the RunTest it gave me the following errors:
3 total, 0 passed, 0 skipped:
[FAIL] “The user m103-application-user was created on the admin database”
Did you create the ‘m103-application-user’ on the admin database?

[FAIL] “The user m103-application-user has the correct permissions”
Did you create the ‘m103-application-user’ with the readWrite role on the
applicationData database?

[FAIL] “The user m103-application-user has the correct password”
Did you create the ‘m103-application-user’ with the password
‘m103-application-pass’?
Reset Workspace

Explanation of the Error messages:
1.
[FAIL] “The user m103-application-user was created on the admin database”
Did you create the ‘m103-application-user’ on the admin database?

Yes, based on the “db.createUser” the user “m103-application-user” has been created on the “admin” database (db: “admin”). What is wrong here?

[FAIL] “The user m103-application-user has the correct permissions”
Did you create the ‘m103-application-user’ with the readWrite role on the
applicationData database?

Based on “grantRolesToUser” the user “m103-application-user” has been granted readWrite role (role: “dbOwner”) on the applicationData database (db: “applicationData”). What is wrong here?

[FAIL] “The user m103-application-user has the correct password”
Did you create the ‘m103-application-user’ with the password
‘m103-application-pass’?

Yes, based on the “db.createUser” the user “m103-application-user” (user: “m103-application-user”) has been created with the password “m103-application-pass” (pwd: “m103-application-pass”) as per lab instructions. What is wrong here?

Thanks in advance for your help.

Regards,
Mahantesh

Ramachandra_Tummala · December 15, 2020, 4:59pm

Issue is with your user creation step
Please give the correct role as per your lab requirements
It will work

Shubham_Ranjan · December 24, 2020, 6:35pm

Hi @Mahantesh_Angadi,

Let us know if you are still facing any issues.

Mahrukh_Khan · March 10, 2021, 10:59pm

use admin
switched to db admin
db.createUser(
… { user:“m103-application-user”,
… pwd:“m103-application-pass”,
… roles: [ { db: “admin”, role: “readWrite” } ]
… }
… )
Successfully added user: {
“user” : “m103-application-user”,
“roles” : [
{
“db” : “admin”,
“role” : “readWrite”
}
]
}

I am able to create user under admn with read Write role but when i run test it states following

[PASS] “The user m103-application-user was created on the admin database”
[FAIL] “The user m103-application-user has the correct permissions”

Did you create the ‘m103-application-user’ with the readWrite role on the
applicationData database?

[FAIL] “The user m103-application-user has the correct password”

Did you create the ‘m103-application-user’ with the password
‘m103-application-pass’?

How to fix it?

steevej · March 10, 2021, 11:07pm

I have embolden the part that you are having wrong.

Mahrukh_Khan · March 12, 2021, 6:35am

Thanks i was adding to admin instead of applicationData

use dbadmin
db.createUser(
{ user: “m103-application-user”,
pwd: “m103-application-pass”,
roles: [ { db: “applicationData”, role: “readWrite” } ]
}
)

system · March 16, 2021, 6:32pm

This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.