Chapter 1: The Mongod - Lab: Creating First Application User

Hi,

This is my mongod.conf
storage:
dbPath: /var/mongodb/db
net:
bindIp: localhost
port: 27000
security:
authorization: enabled
systemLog:
destination: file
path: /var/mongodb/logs/mongod.log
logAppend: true

My mongod command is:
bash-4.4# mongod -f mongod.conf

My mongo shell command is
bash-4.4# mongo m103-admin --host localhost:27000

Coonected to admin

use admin
switched to db admin

Trying to create a user with the command:

db.createUser(
… { user: “m103-application-user”,
… pwd: “m103-application-pass”,
… roles: [ { db: “applicationData”, role: “dbAdmin” } ]
… }
… )

But it is giving authentication error:
2020-12-13T22:50:25.170+0000 E QUERY [js] Error: couldn’t add user: command createUser requires authentication :
_getErrorWithCode@src/mongo/shell/utils.js:25:13
DB.prototype.createUser@src/mongo/shell/db.js:1491:15
@(shell):1:1

Could you please advise - what authentication it requires and I am missing?

Regards,
Mahantesh

mongo m103-admin --host localhost:27000

this command connects to m103-admin database. Try connecting again and running db to test.

The user needs to authenticate in order for the permissions to be set. Either

  1. use admin
  2. db.auth({user:"m103-admin", pwd:"I dont remember, password"})

Or

mongo  --port 27000 -u m103-admin -p --authenticationDatabase admin

This will prompt you for the password, so it’s not stored in the terminal’s history.


You can also omit --authenticationDatabase admin, and it will authenticate to admin by default (test, I may be wrong).

Hi Santiago,
Thanks for your response
I tried all the following 5 forms of the command

  1. mongo --port 27000 -u “m103-admin” -p “m103-admin” -authenticationDatabase “admin”
  2. mongo --port 27000 -u “m103-admin” -p “m103-admin” --authenticationDatabase “admin”
  3. mongo --port 27000 -u m103-admin -p m103-admin -authenticationDatabase admin
  4. mongo --port 27000 -u m103-admin -p m103-admin --authenticationDatabase admin
  5. mongo --port 27000 -u m103-admin -p --authenticationDatabase admin

it is giving the same error - Authentication failed as shown below
MongoDB shell version v4.0.5
Enter password:
connecting to: mongodb://127.0.0.1:27000/?authSource=admin&gssapiServiceName=mongodb
2020-12-15T15:13:32.344+0000 E QUERY [js] Error: Authentication failed. :
connect@src/mongo/shell/mongo.js:328:13
@(connect):1:6
exception: connect failed

Following is my mongod.conf
storage:
dbPath: /var/mongodb/db
net:
bindIp: localhost
port: 27000
security:
authorization: enabled
systemLog:
destination: file
path: /var/mongodb/logs/mongod.log
logAppend: true

What is going wrong could you please advise?

Regards,
Mahantesh

You have the wrong password.

The password is m103-pass.

1 Like

Hi Steevej,

Thanks for your response.

Yes, it was my mistake of not giving an attention to it. It worked but based on the following lab instructions:

Use the db.createUser() command to create a user for a CRUD application.

The requirements for this new user are:

  • Role: readWrite on applicationData database
  • Authentication source: admin
  • Username: m103-application-user
  • Password: m103-application-pass

I have tried to execute the following createUser & grantRolesToUser commands.
db.createUser(
{ user: “m103-application-user”,
pwd: “m103-application-pass”,
roles: [ { db: “admin”, role: “dbAdmin” } ]
}
)

db.grantRolesToUser( “m103-application-user”, [ { db: “applicationData”, role: “dbOwner” } ] )

When I press the RunTest it gave me the following errors:
3 total, 0 passed, 0 skipped:
[FAIL] “The user m103-application-user was created on the admin database”
Did you create the ‘m103-application-user’ on the admin database?

[FAIL] “The user m103-application-user has the correct permissions”
Did you create the ‘m103-application-user’ with the readWrite role on the
applicationData database?

[FAIL] “The user m103-application-user has the correct password”
Did you create the ‘m103-application-user’ with the password
‘m103-application-pass’?
Reset Workspace

Explanation of the Error messages:
1.
[FAIL] “The user m103-application-user was created on the admin database”
Did you create the ‘m103-application-user’ on the admin database?

Yes, based on the “db.createUser” the user “m103-application-user” has been created on the “admin” database (db: “admin”). What is wrong here?

[FAIL] “The user m103-application-user has the correct permissions”
Did you create the ‘m103-application-user’ with the readWrite role on the
applicationData database?

Based on “grantRolesToUser” the user “m103-application-user” has been granted readWrite role (role: “dbOwner”) on the applicationData database (db: “applicationData”). What is wrong here?

[FAIL] “The user m103-application-user has the correct password”
Did you create the ‘m103-application-user’ with the password
‘m103-application-pass’?

Yes, based on the “db.createUser” the user “m103-application-user” (user: “m103-application-user”) has been created with the password “m103-application-pass” (pwd: “m103-application-pass”) as per lab instructions. What is wrong here?

Thanks in advance for your help.

Regards,
Mahantesh

Issue is with your user creation step
Please give the correct role as per your lab requirements
It will work

Hi @Mahantesh_Angadi,

Let us know if you are still facing any issues.

use admin
switched to db admin
db.createUser(
… { user:“m103-application-user”,
… pwd:“m103-application-pass”,
… roles: [ { db: “admin”, role: “readWrite” } ]
… }
… )
Successfully added user: {
“user” : “m103-application-user”,
“roles” : [
{
“db” : “admin”,
“role” : “readWrite”
}
]
}

I am able to create user under admn with read Write role but when i run test it states following

[PASS] “The user m103-application-user was created on the admin database”
[FAIL] “The user m103-application-user has the correct permissions”

Did you create the ‘m103-application-user’ with the readWrite role on the
applicationData database?

[FAIL] “The user m103-application-user has the correct password”

Did you create the ‘m103-application-user’ with the password
‘m103-application-pass’?

How to fix it?

I have embolden the part that you are having wrong.

Thanks i was adding to admin instead of applicationData :stuck_out_tongue:

use dbadmin
db.createUser(
{ user: “m103-application-user”,
pwd: “m103-application-pass”,
roles: [ { db: “applicationData”, role: “readWrite” } ]
}
)

This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.