db.adminCommand 'root' Not Authorized

When attempting to db.adminCommand (in the ‘admin’ db ) we receive “Not authorized” error. User is granted ‘root’ privilege on ‘admin’ db. Can anyone explain what I’m missing here? Appreciate any input on this one. Scratching my head on this one one.

use admin
db.createUser(
{
user: “${MONGO_UID}”,
pwd: “${MONGO_PASSWORD}”,
roles: [ { role: “root”, db: “admin” } ]
}
);
use bigdb;
db.createUser(
{
user: “${MONGO_UID}”,
pwd: “${MONGO_PASSWORD}”,
roles: [ { role: “dbOwner”, db: “bigidb” } ]
}
);

Logged in as the abover user (MONGO_UID):
Command: db.adminCommand( { setFeatureCompatibilityVersion: “4.0” } )
Output: > db.adminCommand( { setFeatureCompatibilityVersion: “4.0” } )
{
“ok” : 0,
“errmsg” : “not authorized on admin to execute command { setFeatureCompatibilityVersion: “4.0”, lsid: { id: UUID(“a65b9985-85a4-4878-8b77-72d7f10d3a2c”) }, $db: “admin” }”,
“code” : 13,
“codeName” : “Unauthorized”
}

Just a thought… Could you show the command that you are using to login to the database? I see you have two MONGO_UID users on different databases. Is it possible you are authenticating against the wrong database (bigdb not admin)?

Also for use DB you used bigdb
But roles is showing db as bigidb
Which is correct?

Thank you. You’re question was enough to make me think along those lines. And yes it authenticating against the ‘bigdb’ database. Once changed to ‘admin’ auth all proper privs were in place.

1 Like

This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.