Views: 1257
Below is what I did for Windows installation with Password Security.
You can easily install MongoDB on Windows Server 2016 on AWS Marketplace: https://aws.amazon.com/marketplace/pp/B07B5KMNMB
Install the MSI that you download from official mongodb site.
After that it still needs some work
Run in CMD window not powershell..
“C:\Program Files\MongoDB\Server\3.6\bin\mongod.exe” –config “C:\Program Files\MongoDB\Server\3.6\mongod.cfg” –install
gives error
Expected boolean switch but found string: True for option: net.bindIpAll
try ‘c:\Program Files\MongoDB\Server\3.6\bin\mongod.exe –help’ for more information
when config is
systemLog:
destination: file
path: c:\data\log\mongod.log
storage:
dbPath: c:\data\db
#security:
# authorization: enabled
net:
port: 27017
bindIpAll: True
Changed it to
bindIp: 0.0.0.0
Even though I created the dir per Windows instructions
Then is gives permissions related error, legitimately
F CONTROL [main] Failed global initialization: FileNotOpen: Failed to open “c:\data\log\mongod.log”
Didnt realize that I hadn’t created the log directory, which the config file referred to. also this is not in the instructions.
In order to install secure passworded users, you need to create the user and password before enabling security in the mongodb.cfg file
mongo admin
from the Mongo CLI prompt, add a root user that can create databases
db.createUser(
{
user: “charming”,
pwd: “INSTANCE-ID”,
roles: [ { role: “root”, db: “admin” } ]
}
);
db.createUser(
{
user: “ROOT-USERNAME”,
pwd: “SECURE-PASSOWORD”,
roles: [ { role: “root”, db: “admin” } ]
}
);
Optionally, you can give root access to the “and existing ” user. We use charming, to remind you how nice we are.
db.updateUser(
“charming”,
{
roles : [ { role: “root”, db: “admin” } ]
}
);
INstructions from MongoDB 3.2 from Charming: http://charmingcloud.net/install-mongodb-on-windows-with-security/
https://docs.mongodb.com/manual/reference/method/db.createUser/
powershell -noprofile -executionpolicy bypass -file PATHTOYOURSCRIPT ; i-00bf46c6cd9b267edSYTrEaFAOVuDqRXeis?xGDPGrFK&P7ol
-ExecutionPolicy Bypass –NoProfile –Command “& {C:\ProgramData\ORGNAME\scripts\SetDNS.ps1; exit $LastExitCode}” > C:\ProgramData\ORGNAME\scripts\SetDNS.logRun
Run password reset script in task Scheduler as user System
command is powershell
extension is the rest
-ExecutionPolicy Bypass –NoProfile –file PATHTOSCRIPT
-ExecutionPolicy Bypass –NoProfile –Command SHELLCOMMAND
There are 3 things to remember to do to prepare Windows 2016 Server as AMI. After doing the Windows Task Scheduler as user SYSTEM
- Reset DB passwords for apps to reset Db passwords to Instance ID.
- C:\ProgramData\Amazon\EC2-Windows\Launch\Scripts\InitializeInstance.ps1 -Schedule
- C:\ProgramData\Amazon\EC2-Windows\Launch\Scripts\SysprepInstance.ps1 -NoShutdown
Might first require running allow PowerShell scripts script
Run the password reset PS scripts with
Source: MongoDB: Setting up Windows Service – Stack Overflow