MongoDB: Server has startup warnings ''Access control is not enabled for the database''

I firstly installed MongoDB 3.4.1 today. But when I start it and use MongoDB shell, it gave me these warnings below:

C:\Users\hs>"C:\Program Files\MongoDB\Server\3.4\bin\mongo.exe
MongoDB shell version v3.4.1
connecting to: mongodb://127.0.0.1:27017
MongoDB server version: 3.4.1
Server has startup warnings:
2017-01-12T21:19:46.941+0800 I CONTROL [initandlisten]
2017-01-12T21:19:46.942+0800 I CONTROL [initandlisten] ** WARNING: Access control is not enabled for the database.
2017-01-12T21:19:46.942+0800 I CONTROL [initandlisten] ** Read and write access to data and configuration is unrestricted.
2017-01-12T21:19:46.942+0800 I CONTROL [initandlisten]
my computer is Microsoft Windows [`version 10.0.14393`].

Mongodb v3.4

You need to do the following to create a secure database:

Make sure the user starting the process has permissions and that the directories exist (`/data/db` in this case).

1) Start MongoDB without access control.

mongod --port 27017 --dbpath /data/db

2) Connect to the instance.

mongo --port 27017

3) Create the user administrator *(in the admin authentication database)*.

use admin
db.createUser(
{
user: "myUserAdmin",
pwd: "abc123",
roles: [ { role: "userAdminAnyDatabase", db: "admin" } ]
}
)

4) Re-start the MongoDB instance with access control.

mongod --auth --port 27017 --dbpath /data/db

5) Connect and authenticate as the user administrator.

mongo --port 27017 -u "myUserAdmin" -p "abc123" --authenticationDatabase "admin"

6) Create additional users as needed for your deployment *(e.g. in the test authentication database)*.

use test
db.createUser(
{
user: "myTester",
pwd: "xyz123",
roles: [ { role: "readWrite", db: "test" },
{ role: "read", db: "reporting" } ]
}
)

7) Connect and authenticate as myTester.

mongo --port 27017 -u "myTester" -p "xyz123" --authenticationDatabase "test"

I basically just explained the short version of the official docs here:

[To see links please register here]

You need to delete your old db folder and recreate new one. It will resolve your issue.

you can create an admin user or another [role][1].
run it on mongo shell.

db.createUser({user: "username", pwd: "password", roles: ["dbAdmin"]})

if you get SCRAM-SHA-256error you can set the SHA-1 mechanism.

db.createUser({user: "username", pwd: "password", roles: ["dbAdmin"], mechanisms: ["SCRAM-SHA-1"]})

[1]:

[To see links please register here]

OMG, what a gas plant, that top answer!

All you need to do is to:

1. Edit your config, e.g. `C:\Program
Files\MongoDB\Server\4.4\bin\mongodb.cfg`
2. Turn the `security: authorization:` to `enabled`, as illustrated; note that this sub-entry may be missing completely. Just add it then.
3. Restart your `MongoDB Server` service from the Windows **Services** control panel.

[![enter image description here][1]][1]

Obviously, if, following this, set up a read/readWrite role-based policy, that will make much more sense.

[1]:

Ref:

[To see links please register here]

I've just tested this using phpunit, works as expected.