Hi, with or without authorization I get > Error: couldn’t add user: command createUser requires authentication :
_getErrorWithCode@src/mongo/shell/utils.js:25:13
DB.prototype.createUser@src/mongo/shell/db.js:1367:11
@(shell):1:1
Here is the mongod.log you asked for:
https://pastebin.com/EuARNZmB
I hope it will be helpful
Thanks in advance
Uli
Hi,
the mongod.log you can find here as a file: https://ukleemann.net/index.php/apps/files/?dir=/Documents/FILES&fileid=277
Regards,
Uli
I assume you are using standalone mongod instance, at least I could not see a replica set in your config file.
You can add the first admin user to your database with disabled access control, try the following steps:
procedure is available online
If you enable access control before creating any user, MongoDB provides a localhost exception which allows you to create a user administrator in the admin database.
Hi,
I changed authorization from enable to disabled like this:
security:
authorization: disabled
then I tried to add an admin user like that:
use admin
db.createUser({
then I got the know error again
uncaught exception: Error: couldn’t add user: command createUser requires authentication :
_getErrorWithCode@src/mongo/shell/utils.js:25:13
DB.prototype.createUser@src/mongo/shell/db.js:1367:11
@(shell):1:1
what did I do wrong?
Regards,
Uli
you need to disable access control like this (add # before security and authorization: enabled)
# security:
# authorization: enabled
now restart mongod and add first user
Your restart that indicates that it fails.
And in the same post, you are able to connect and call db.createUser.
This is inconsistent. If mongod does not start then you cannot connect. If you can connect then another instance is running or you are not connecting to the instance you think you are starting.
From
it looks like you are trying to start a docker instance. It is possible then when you connect you try to connect to a local instance, which is not using the configuration file you shared and is not running with authentication.
To know more about your setup please share the output of the following commands:
ss -tlnp
ps -aef | grep [m]ongod
docker ps
mongo started (it is how I understand it), see
Thanks, I saw that, but I have some doubts about the whole setup. So I am still interested to see the output of the commands.
I would also like to see the command used to connect.
Hi,
following you advice uncommentig authorization with # I get the same error when I try to create the m103-admin user
here are the outputs of
ss -ltnp
ss -ltnp
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 4096 127.0.0.1:8125 0.0.0.0:* users:(("netdata",pid=5347,fd=68))
LISTEN 0 4096 0.0.0.0:30783 0.0.0.0:* users:(("k3s-server",pid=1958,fd=254))
LISTEN 0 4096 127.0.0.1:19999 0.0.0.0:* users:(("netdata",pid=5347,fd=5))
LISTEN 0 4096 0.0.0.0:31808 0.0.0.0:* users:(("k3s-server",pid=1958,fd=43))
LISTEN 0 64 0.0.0.0:2049 0.0.0.0:*
LISTEN 0 4096 0.0.0.0:10050 0.0.0.0:* users:(("zabbix_agentd",pid=1809,fd=4),("zabbix_agentd",pid=1808,fd=4),("zabbix_agentd",pid=1807,fd=4),("zabbix_agentd",pid=1806,fd=4),("zabbix_agentd",pid=1805,fd=4),("zabbix_agentd",pid=1769,fd=4))
LISTEN 0 4096 192.168.10.67:27011 0.0.0.0:* users:(("mongod",pid=129697,fd=14))
LISTEN 0 4096 127.0.0.1:27011 0.0.0.0:* users:(("mongod",pid=129697,fd=13))
LISTEN 0 4096 127.0.0.1:2947 0.0.0.0:* users:(("systemd",pid=1,fd=280))
LISTEN 0 4096 192.168.10.67:27012 0.0.0.0:* users:(("mongod",pid=44529,fd=14))
LISTEN 0 4096 127.0.0.1:27012 0.0.0.0:* users:(("mongod",pid=44529,fd=13))
LISTEN 0 4096 192.168.10.67:27013 0.0.0.0:* users:(("mongod",pid=44585,fd=14))
LISTEN 0 4096 127.0.0.1:27013 0.0.0.0:* users:(("mongod",pid=44585,fd=13))
LISTEN 0 4096 127.0.0.1:10248 0.0.0.0:* users:(("k3s-server",pid=1958,fd=279))
LISTEN 0 4096 127.0.0.1:27017 0.0.0.0:* users:(("mongod",pid=141575,fd=12))
LISTEN 0 4096 127.0.0.1:10249 0.0.0.0:* users:(("k3s-server",pid=1958,fd=248))
LISTEN 0 3 127.0.0.1:2601 0.0.0.0:* users:(("zebra",pid=1612,fd=25))
LISTEN 0 80 0.0.0.0:3306 0.0.0.0:* users:(("mariadbd",pid=1821,fd=31))
LISTEN 0 4096 0.0.0.0:59563 0.0.0.0:* users:(("rpc.mountd",pid=1990,fd=5))
LISTEN 0 511 127.0.0.1:6379 0.0.0.0:* users:(("redis-server",pid=1757,fd=6))
LISTEN 0 4096 127.0.0.1:6444 0.0.0.0:* users:(("k3s-server",pid=1958,fd=22))
LISTEN 0 4096 0.0.0.0:37261 0.0.0.0:* users:(("rpc.statd",pid=1989,fd=9))
LISTEN 0 10 127.0.0.1:5038 0.0.0.0:* users:(("asterisk",pid=7558,fd=7))
LISTEN 0 4096 0.0.0.0:47279 0.0.0.0:* users:(("rpc.mountd",pid=1990,fd=9))
LISTEN 0 4096 0.0.0.0:111 0.0.0.0:* users:(("rpcbind",pid=1204,fd=4),("systemd",pid=1,fd=235))
LISTEN 0 4096 127.0.0.1:10256 0.0.0.0:* users:(("k3s-server",pid=1958,fd=257))
LISTEN 0 4096 127.0.0.1:10257 0.0.0.0:* users:(("k3s-server",pid=1958,fd=210))
LISTEN 0 4096 127.0.0.1:10258 0.0.0.0:* users:(("k3s-server",pid=1958,fd=201))
LISTEN 0 4096 127.0.0.1:10259 0.0.0.0:* users:(("k3s-server",pid=1958,fd=219))
LISTEN 0 4096 0.0.0.0:47219 0.0.0.0:* users:(("rpc.mountd",pid=1990,fd=13))
LISTEN 0 32 10.234.225.1:53 0.0.0.0:* users:(("dnsmasq",pid=13324,fd=7))
LISTEN 0 32 192.168.12.1:53 0.0.0.0:* users:(("dnsmasq",pid=3251,fd=6))
LISTEN 0 32 192.168.11.1:53 0.0.0.0:* users:(("dnsmasq",pid=3216,fd=6))
LISTEN 0 32 192.168.100.1:53 0.0.0.0:* users:(("dnsmasq",pid=3183,fd=6))
LISTEN 0 4096 127.0.2.1:53 0.0.0.0:* users:(("dnscrypt-proxy",pid=1749,fd=8),("systemd",pid=1,fd=269))
LISTEN 0 128 127.0.0.1:8118 0.0.0.0:* users:(("privoxy",pid=2114,fd=4))
LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=1814,fd=3))
LISTEN 0 128 127.0.0.1:631 0.0.0.0:* users:(("cupsd",pid=1748,fd=8))
LISTEN 0 244 127.0.0.1:5432 0.0.0.0:* users:(("postgres",pid=1922,fd=4))
LISTEN 0 3 127.0.0.1:2616 0.0.0.0:* users:(("staticd",pid=1620,fd=12))
LISTEN 0 244 127.0.0.1:5433 0.0.0.0:* users:(("postgres",pid=1923,fd=6))
LISTEN 0 64 0.0.0.0:37849 0.0.0.0:*
LISTEN 0 4096 127.0.0.1:10010 0.0.0.0:* users:(("containerd",pid=8951,fd=18))
LISTEN 0 244 127.0.0.1:5434 0.0.0.0:* users:(("postgres",pid=1849,fd=6))
LISTEN 0 4096 127.0.0.1:9050 0.0.0.0:* users:(("tor",pid=1851,fd=6))
LISTEN 0 4096 [::1]:8125 [::]:* users:(("netdata",pid=5347,fd=67))
LISTEN 0 64 [::]:2049 [::]:*
LISTEN 0 4096 [::]:10050 [::]:* users:(("zabbix_agentd",pid=1809,fd=5),("zabbix_agentd",pid=1808,fd=5),("zabbix_agentd",pid=1807,fd=5),("zabbix_agentd",pid=1806,fd=5),("zabbix_agentd",pid=1805,fd=5),("zabbix_agentd",pid=1769,fd=5))
LISTEN 0 4096 [::]:53539 [::]:* users:(("rpc.mountd",pid=1990,fd=15))
LISTEN 0 4096 [::1]:2947 [::]:* users:(("systemd",pid=1,fd=279))
LISTEN 0 4096 [::]:42597 [::]:* users:(("rpc.statd",pid=1989,fd=11))
LISTEN 0 4096 *:10250 *:* users:(("k3s-server",pid=1958,fd=278))
LISTEN 0 80 [::]:3306 [::]:* users:(("mariadbd",pid=1821,fd=32))
LISTEN 0 4096 *:10251 *:* users:(("k3s-server",pid=1958,fd=218))
LISTEN 0 4096 *:6443 *:* users:(("k3s-server",pid=1958,fd=14))
LISTEN 0 511 [::1]:6379 [::]:* users:(("redis-server",pid=1757,fd=7))
LISTEN 0 4096 [::]:49839 [::]:* users:(("rpc.mountd",pid=1990,fd=7))
LISTEN 0 4096 [::]:111 [::]:* users:(("rpcbind",pid=1204,fd=6),("systemd",pid=1,fd=237))
LISTEN 0 511 *:80 *:* users:(("apache2",pid=11166,fd=4),("apache2",pid=11165,fd=4),("apache2",pid=11159,fd=4),("apache2",pid=3098,fd=4),("apache2",pid=3097,fd=4),("apache2",pid=3096,fd=4),("apache2",pid=3095,fd=4),("apache2",pid=3094,fd=4),("apache2",pid=3093,fd=4),("apache2",pid=3053,fd=4),("apache2",pid=3044,fd=4))
LISTEN 0 64 [::]:43635 [::]:*
LISTEN 0 128 [::1]:8118 [::]:* users:(("privoxy",pid=2114,fd=5))
LISTEN 0 128 [::]:22 [::]:* users:(("sshd",pid=1814,fd=4))
LISTEN 0 128 [::1]:631 [::]:* users:(("cupsd",pid=1748,fd=7))
LISTEN 0 244 [::1]:5432 [::]:* users:(("postgres",pid=1922,fd=3))
LISTEN 0 244 [::1]:5433 [::]:* users:(("postgres",pid=1923,fd=5))
LISTEN 0 244 [::1]:5434 [::]:* users:(("postgres",pid=1849,fd=5))
LISTEN 0 4096 [::]:44699 [::]:* users:(("rpc.mountd",pid=1990,fd=11))
LISTEN 0 4096 *:6556 *:* users:(("systemd",pid=1,fd=296))
docker -ps
docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ps -aef |grep [m]ongodb
ps -aef |grep [m]ongodb
uli 127446 45830 0 15:58 pts/16 00:00:04 mongosh mongodb://local
mongodb 141575 1 0 16:49 ? 00:00:06 /usr/bin/mongod --config /etc/mongod.conf
Hope this will help.
Thanks,
Uli
can you also show your current mongod.conf file (with disabled access control)
More weird stuff.
Output of
ping local
The ss -tlnp output shows at least 3 instances of mongod listening.
But your ps output only shows:
May it is because you did
rather than
The trailing b you added might the others not show if started by another user. This, or the output is redacted.
With which user are you running
Can you do it as
hi steeve,
ps -aef | grep [m]ongod gives me
ps -aef |grep [m]ongodb
uli 127446 45830 0 15:58 pts/16 00:00:04 mongosh mongodb://local
mongodb 141575 1 0 16:49 ? 00:00:06 /usr/bin/mongod --config /etc/mongod.conf
the docker ps command I run as root@docker but docker is no docker container just a hostname therefore it shows no running docker containers
Regards,
Uli
hi steeve,
thanks for you help. the 3 instnaces I made to create a local replica set following this tutorial from mongo m103-course
thats what I want to do so the ps command gives you 3 instances on 3 different ports 27011 27012 and 27013
my mongod.conf with diabled commented security section looks like this
# mongod.conf
# for documentation of all options, see:
# http://docs.mongodb.org/manual/reference/configuration-options/
# Where and how to store data.
storage:
# where to write logging data.
systemLog:
# network interfaces
net:
# how the process runs
processManagement:
#security:
# authorization: disabled
Regards,
Uli
If the processes are listening they should show up with ps.
Share
ps -aef | grep 44529
ps -aef | grep 44585
Once again
Remove the trailing d from
and do it as root.
Hi Steve,
I did as root
ps -aef | grep 44529
root 44529 1 1 11:04 ? 00:11:43 mongod -f node2.conf
root 233055 31059 0 22:47 pts/10 00:00:00 grep 44529
ps -aef | grep 44585
root 44585 1 1 11:04 ? 00:11:44 mongod -f node3.conf
root 234045 31059 0 22:52 pts/10 00:00:00 grep 44585
ping local
name or service not known
ps -aef | grep [m]ongod
root 44529 1 1 11:04 ? 00:11:48 mongod -f node2.conf
root 44585 1 1 11:04 ? 00:11:45 mongod -f node3.conf
uli 127446 45830 0 15:58 pts/16 00:00:08 mongosh mongodb://local
root 129697 1 0 16:07 ? 00:03:46 mongod -f node1.conf
mongodb 141575 1 0 16:49 ? 00:02:10 /usr/bin/mongod --config /etc/mongod.conf
root@docker:/etc# ps -aef | grep [m]ongo
uli 34082 23014 0 10:21 pts/11 00:00:02 mongo --host 127.0.0.1:27017
root 44529 1 1 11:04 ? 00:11:48 mongod -f node2.conf
root 44585 1 1 11:04 ? 00:11:45 mongod -f node3.conf
uli 127446 45830 0 15:58 pts/16 00:00:08 mongosh mongodb://local
root 129697 1 0 16:07 ? 00:03:46 mongod -f node1.conf
uli 129945 51824 0 16:08 pts/15 00:00:01 mongo --port 27011
mongodb 141575 1 0 16:49 ? 00:02:10 /usr/bin/mongod --config /etc/mongod.conf
I hope I understood you correctly.
Regards,
Uli
Hi guys,
this mongodb.conf drives me crazy. Whatever I try I cannot create a user because of it needs authentication. If I disable authentication in the mongod.conf file with # and restart mongod it still dies not work to create the admin user because of that requiresauthentication error message. Any idea whatelse I could do to fix that?
Many thanks in advance
Uli
The main issue with your steup is that you have 4 instances of mongod running.
Since ping local gives an error there is no way to know where you connect with mongosh mongodb:/local.
You are running some mongod as root. You should not run any server as root.
Sine it looks like you are trying to do m103 exercises, I would recommend you use the IDE. The IDE strats with a fresh VM and you do not hand up with things from previous lab.
I suspect that you have already created a user by doing a prevovious lab. To ease hurdles the lab instructions assume a given setup which you might not gave on your machine. You will not be able to create a new user if one exists unless you authenticate.
You should stop all mongod running on your system and use the IDE until you are familiar enough to put back your system in working health.
from the above answers, it is clear that you are either NOT restarting the server you try to connect to, or you connect to the wrong server.
please first clean (kill) all running instances, check this post for the steps: https://www.mongodb.com/community/forums/t/m150-implementing-internal-authentication-error/171089/3?u=yilmaz_durmaz
next, disable (comment out) security in all your config files.
then, one by one, check your config files, and make notes of the ports you have used. run each config file independently of each other and see if they run. then if they start, connect to them with mongo --port 27xxx using the port number of that config file. since you run them all in the same machine, you don’t need to use --host 120.0.0.1 portion.
act cautiously because you are using 4 different ports: 27011, 27012, 27013, and 27017. omitting the port number will connect you to the wrong instance.
when done, kill the one you have tested from the terminal or execute a shutdown while in the mongo shell.
after making sure that all of your config files do work, you can then try enabling security. but obey the procedure adding the security. doing it in the wrong order will prevent your instances from starting (so you will also know where the problem is).
I am following the same steps as mentioned below
But Still I am getting this error: 2023-10-19T07:37:38.546+00:00: Access control is not enabled for the database. Read and write access to data and configuration is unrestricted
[/quote]