MongoDB: Server has startup warnings ''Access control is not enabled for the database''
Solution 1:
Mongodb v3.4
You need to do the following to create a secure database:
Make sure the user starting the process has permissions and that the directories exist (/data/db in this case).
1) Start MongoDB without access control.
mongod --port 27017 --dbpath /data/db
2) Connect to the instance.
mongo --port 27017
3) Create the user administrator (in the admin authentication database).
use admin
db.createUser(
{
user: "myUserAdmin",
pwd: "abc123",
roles: [ { role: "userAdminAnyDatabase", db: "admin" } ]
}
)
4) Re-start the MongoDB instance with access control.
mongod --auth --port 27017 --dbpath /data/db
5) Connect and authenticate as the user administrator.
mongo --port 27017 -u "myUserAdmin" -p "abc123" --authenticationDatabase "admin"
6) Create additional users as needed for your deployment (e.g. in the test authentication database).
use test
db.createUser(
{
user: "myTester",
pwd: "xyz123",
roles: [ { role: "readWrite", db: "test" },
{ role: "read", db: "reporting" } ]
}
)
7) Connect and authenticate as myTester.
mongo --port 27017 -u "myTester" -p "xyz123" --authenticationDatabase "test"
I basically just explained the short version of the official docs here: https://docs.mongodb.com/master/tutorial/enable-authentication/
Solution 2:
OMG, what a gas plant, that top answer!
All you need to do is to:
- Edit your config, e.g.
C:\Program Files\MongoDB\Server\4.4\bin\mongodb.cfg - Turn the
security: authorization:toenabled, as illustrated; note that this sub-entry may be missing completely. Just add it then. - Restart your
MongoDB Serverservice from the Windows Services control panel.
Obviously, if, following this, set up a read/readWrite role-based policy, that will make much more sense.
Ref: https://docs.mongodb.com/manual/tutorial/configure-scram-client-authentication/
I've just tested this using phpunit, works as expected.