zocada

Getting Started with MongoDB – Setting up admin and user accounts

Setting up the MongoDB client we installed on our system is really an easy task. Hope you have a fresh install ready for your system, or please follow our instructions on installing MongoDB. As we know MongoDB is a powerful NoSQL document-oriented database program. It is designed for high volume data storage and management. So, we’ll start off our setup process by starting up the mongod in a separate terminal.

Type in the following command to start the process.

mongod

or

sudo service mongod start

You will be able to see some of the log messages on the screen similar to this. Don’t worry if it shows any error, it is because most probably the service will be already running on the same port.

mongod-shell
Starting mongod process
 



Getting started with Mongo Shell

Once you made sure that MongoDB is running, we can jump into the mongo shell for further configurations and operations. We can start the mongo shell and connect to the running instance if MongoDB in the same system. So, what is a Mongo shell?

The mongo shell is an interactive JavaScript interface to MongoDB. You can use the mongo shell to query and update data as well as perform administrative operations.

To start the Mongo Shell, simply type the following command on a new terminal.

mongo

You will see a few messages including the current MongoDB and Mongo Shell version and prompt > waiting for any commands.

mongo-shell
Mongo Shell

Now, we’ll start off by creating users and restricting unauthorized access to our database. Since we already started the mongod service without access control [default], we can continue to the next step.

Creating the user Administrator

We need to create an admin user in the admin database with userAdminAnyDatabase privilege. To do this we’ll first use the admin database. Use the following code in the mongo shell to use the admin database, if the database doesn’t exist, MongoDB will create the particular database and use it.

use admin

make sure you get the message stating Switched to db admin

Now, we’ll use the createUser() function to create an admin user. Type the following command in the mongo shell to create the admin user.

db.createUser(
  {
    user: "myUserAdmin",
    pwd: "abc123",
    roles: [ { role: "userAdminAnyDatabase", db: "admin" } ]
  }
)
creating-user-admin-mongo
Creating user admin

Once we finish creating the userAdministrator we can start the mongod instance with access control. Now close the shell by typing exit. Then restart the mongod instance using the following command in the terminal after closing the running instance on the other terminal using ctrl + C .

mongod --auth --port 27017

Fire up the mongo shell in another terminal using the following command to authenticate as user administrator.

mongod --port 27017 -u "myUserAdmin" -p "abc123" --authenticationDatabase "admin"

The userAdministrator user has only permission to create and manage the database users. If you try to read or write in the database using userAdministrator user MongoDB will return an error. So, we need to create additional users with roles to read and write on the database.


Creating database users

We’ll start off by creating a test database, using the following code in mongo shell.

use test

As I said earlier, if we use the above code, MongoDB will create the “test” database if it doesn’t exist and switches to that DB.

We can use the db.createUser() function to create an user for this db. Note that, the keyword db referes to the current db we are working on. In this case its the “test” db we switched earlier to.

db.createUser(
  {
    user: "testUser",
    pwd: "xyz123",
    roles: [ { role: "readWrite", db: "test" },
             { role: "read", db: "reporting" } ]
  }
)
creating-user-mongo
Creating user in test DB

We can now log in to the database as the “testUser” with read and write access to the “test” DB. Close the current mongo shell instance by using exit command and type the following command in the terminal.

mongo --port 27017 -u "testUser" -p "xyz123" --authenticationDatabase "test"

To view the current DB you are working in, use the db command in the mongo shell. In this case, we should be able to see “test” printed out.


haxzie

Community Lead with a demonstrated history of working in a non-profit organization. Skilled in Python, Public Speaking, Graphic Design, Writing, and Android Development. Strong community and social services professional with a Bachelor's degree focused in Computer Science from Sahyadri College of Engineering and Management.