What MongoDB user privileges do I need to add a user to a new/another mongo database?

The mistake made was that I was using an userAdminAnyDatabase user that was NOT in the admin database (see this note). So there MUST be a database called admin on your server! As the documentation says for the "AnyDatabase" privileges:

If you add any of these roles to a user privilege document outside of the admin database, the privilege will have no effect.

So you must:

add a userAdminAnyDatabase to the admin db

$ mongo admin
> db.createUser({ user: "myadmin", pwd: "1234", roles: ["userAdminAnyDatabase"] })

turn on authentication

auth = true
setParameter = enableLocalhostAuthBypass=0

connect using the new myadmin user to any database you want and add further users:

$ mongo another -u myadmin -p 1234
> db.createUser({ user: "user", pwd: "1234", roles: ["readWrite"] })

> use another
> db.createUser({ user: "user", pwd: "1234", roles: ["readWrite"] })

What MongoDB user privileges do I need to add a user to a new/another mongo database?

Tags:

Security

Access Control

Privileges

Mongodb

Related

Recent Posts