HI! everyone i’m just a newbie to MongoDB. I got this problem, i have granted to the role to a specific user for specific database. But the user doesn’t play their role.
@Ramachandra_Tummala yes ! i know I haven’t enabled security, so i i edit the mongod.cfg (open with WordPad_) and found #security field is leave empty. So i put on authorization:“enabled” and ctrl +S. But it notification with this: Access to C:\Program Files\MongoDB\Server\4.2\bin\mongod.cfg was denied !
I cannot enable permission on C:\Program Files\MongoDB\Server\4.2\bin\mongod.cfg. Maybe i use mongoDB on local host ? i tried to open properties -> security and grant all access. But i cannot save what i change! i tried to save another file (.cfg) at the same C:\Program Files\MongoDB\Server\4.2\bin\ BUT it said contact adminstrator to do that and if i save on another disk like D:\ it success
I understood that you have not enabled access control as it was clearly mentioned in your first post
What was not clear to me was your comment “I tried to enable but work nothing”
So i was trying to understand how you started mongod like from command line or using config file etc.That’s why asked you explain more on it
Anyway from your latest post it is clear the issue is with file permissions/privileges issue
You should have admin privs to edit cfg file(it is read only)
Yes try on local host with your own config file placed on different drive.I think you already did this and confirmed success
1st: i create user admin2 has role: read
2nd: exit the shell
3rd: i login with username admin2 and success
4th i use database testAuthentication that has user “admin2”
5th i insert to the collection of database testAuthentication and success which was not the role of user i logined!
Your snapshot clearly shows you have not enabled access control
Just adding security param in the config file is not enough
Did you restart your mongod after config changes?
How did you start your mongod?or it was up and running already
Why you are using mongod running on default port 27017
You mentioned you will use separate config file and D drive for your testing
You can start your own mongod on a different port with minimum parameters in the config file
or
spin up a mongod from command line
mongod --port --dbpath bind_ip --auth
Once instance is up login with localhost exception
Create root user
login with root user
Then create other user with required role
do we have to create new admin user every time we start mongod to enable access control. or is there any command to login with previous made admin user?