Enable Authentication

Authentication needs to be enabled only on the Primary server. The Secondary servers are automatically updated as they are part of the replica set.

To enable authentication, perform the following steps:

  1. Go to the primary server in the replica set.
  2. Open the Command Prompt as Administrator and execute the command below:
    mongosh --host x.x.xx.x1 --port 27017
  3. Execute the command below:
    MongoDB Enterprise replicaTest:PRIMARY> use admin
  4. Execute the command below. Make the following changes in the values before execution:
    • user:<username>
    • pwd :<password>
    Note:
    (Choose any password for the corresponding user for MongoDB authentication.)
    MongoDB Enterprise replicaTest:PRIMARY> db.createUser(
    {
    user: "<username>",
    pwd: "<password>",
    roles: [ {role: "userAdminAnyDatabase", db: "admin" }, { role: "root", db: "admin" }, "readWriteAnyDatabase" ]
    }
    )
    On successful execution, the shell returns the message { ok: 1 }.
  5. The command has now been executed successfully on the primary server of the replica set.
  6. Open the Command Prompt as Administrator in primary server and execute the command below.
    openssl rand -base64 756 > <path to mongo\data\config>\mongo-keyfile
     For example:
     openssl rand -base64 756 > C:\mongo\data\config\mongo-keyfile
  7. On successful execution, a new file named mongo-keyfile is created in the path mongo\data\config.
  8. Copy the file “mongo-keyfile” and paste it on all secondary servers at the same path, inside mongo\data\config.
  9. Make the following changes in mongod.cfg on all the servers that are part of the replica set.
  10. Go to folder mongo/data/config, open the file mongod.cfg and make the following changes:
    Note:
    Preserve the spaces and indentation exactly as shown below. Ensure that editing is done in Notepad++.

    In the security header, enter the following values:

    security:
      authorization: "enabled"
      keyFile: "C:/mongo/data/config/mongo-keyfile"
    Note:
    keyFile should contain the <path where mongo-keyfile is created>.
  11. Refer to the screenshot below:
    Figure 1. MongoDB Installation - Enterprise Version (HA)
  12. Close the terminal and restart the MongoDB service of all the servers in the replica set.
  13. On all the servers that are part of the replica set, open the Command Prompt as Administrator and open the MongoDB terminal using the following command:
    mongosh --host <IP> --port <Port> -u <username> -p <password> --authenticationDatabase "admin"
    For example:
    mongosh --host x.x.xx.x1 --port 27014 -u <username> -p <password> --authenticationDatabase "admin"
    mongosh --host x.x.xx.x2 --port 27015 -u <username> -p <password> --authenticationDatabase "admin"
    mongosh --host x.x.xx.x3 --port 27016 -u <username> -p <password> --authenticationDatabase "admin"
  14. Connection with MongoDB should be successfully established on both primary and secondary servers.
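
A pre-restart check for steps 6 to 10, added here as an example (it is not part of the product's own tooling): it confirms that every member holds the same usable keyfile and that mongod.cfg nests both settings under security:. The function names are hypothetical; the keyfile limits used (6 to 1024 base64 characters, whitespace ignored) are MongoDB's documented rules.

```python
import hashlib
import re

# Constructed sample: the security block from step 10 with its indentation lost.
FLATTENED = 'security:\nauthorization: "enabled"\nkeyFile: "C:/mongo/data/config/mongo-keyfile"\n'

def key_material(raw):
    # MongoDB ignores whitespace in the keyfile, so CRLF and LF copies are equivalent.
    return b"".join(raw.split())

def check_keyfile(raw):
    """Problems in one member's keyfile; a BOM or UTF-16 NUL bytes fail the base64 test."""
    problems = []
    key = key_material(raw)
    if not re.fullmatch(rb"[A-Za-z0-9+/=]*", key):
        problems.append("characters outside the base64 set")
    if not 6 <= len(key) <= 1024:
        problems.append(f"key length {len(key)} is outside 6..1024")
    return problems

def compare_members(keyfiles):
    """Check each member's keyfile bytes and flag any key that differs from the first."""
    report, reference = {}, None
    for host, raw in keyfiles.items():
        problems = report[host] = check_keyfile(raw)
        digest = hashlib.sha256(key_material(raw)).hexdigest()
        reference = reference or digest
        if digest != reference:
            problems.append("key differs from the first member")
    return report

def check_security_section(cfg_text):
    """Check that authorization and keyFile sit indented under security: in mongod.cfg."""
    problems, settings, in_security = [], {}, False
    for line in cfg_text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        indent = line[: len(line) - len(line.lstrip())]
        if "\t" in indent:  # YAML does not allow tabs for indentation
            problems.append(f"tab in indentation: {line.strip()!r}")
        if not indent:  # a top-level key opens or closes the security block
            in_security = line.split("#")[0].strip() == "security:"
        elif in_security and ":" in line:
            name, value = line.strip().split(":", 1)
            settings[name] = value.strip().strip("\"'")
    if settings.get("authorization") != "enabled":
        problems.append("security.authorization is not 'enabled'")
    if not settings.get("keyFile"):
        problems.append("security.keyFile is not set")
    return problems
```

Read each member's mongo-keyfile in binary mode and pass the bytes to compare_members keyed by host; an empty list for every host and an empty result from check_security_section mean the restart in step 12 can proceed.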