@MongoDB: Setting up @Windows 2016 Server, Soon Linux too

Views: 1246

Below is what I did for Windows installation with Password Security.

You can easily install MongoDB on Windows Server 2016 on AWS Marketplace:    https://aws.amazon.com/marketplace/pp/B07B5KMNMB

 

Install the MSI that you download from official mongodb site.

After that it still needs some work

Run in CMD window not powershell..

“C:\Program Files\MongoDB\Server\3.6\bin\mongod.exe” –config “C:\Program Files\MongoDB\Server\3.6\mongod.cfg” –install

gives error

Expected boolean switch but found string: True for option: net.bindIpAll
try ‘c:\Program Files\MongoDB\Server\3.6\bin\mongod.exe –help’ for more information

when config is

 

systemLog:
destination: file
path: c:\data\log\mongod.log
storage:
dbPath: c:\data\db
#security:
# authorization: enabled
net:
port: 27017
bindIpAll: True

Changed it to

bindIp: 0.0.0.0

Even though I created the dir per Windows instructions

Then is gives permissions related error, legitimately

F CONTROL [main] Failed global initialization: FileNotOpen: Failed to open “c:\data\log\mongod.log”

Didnt realize that I hadn’t created the log directory, which the config file referred to. also this is not in the instructions.

 

In order to install secure passworded users, you need to create the user and password before enabling security in the mongodb.cfg file

mongo  admin

from the Mongo CLI prompt, add a root user that can create databases

 

db.createUser(
{
user: “charming”,
pwd: “INSTANCE-ID”,
roles: [ { role: “root”, db: “admin” } ]
}
);

db.createUser(

{

user: “ROOT-USERNAME”,

pwd: “SECURE-PASSOWORD”,

roles: [ { role: “root”, db: “admin” } ]

}

);

Optionally, you can give root access to the “and existing ” user. We use charming, to remind you how nice we are.

db.updateUser(
“charming”,
{
roles : [ { role: “root”, db: “admin” } ]
}
);

INstructions from MongoDB 3.2 from Charming: http://charmingcloud.net/install-mongodb-on-windows-with-security/

https://docs.mongodb.com/manual/reference/method/db.createUser/

 

powershell -noprofile -executionpolicy bypass -file PATHTOYOURSCRIPT  ; i-00bf46c6cd9b267edSYTrEaFAOVuDqRXeis?xGDPGrFK&P7ol

-ExecutionPolicy Bypass –NoProfile –Command “& {C:\ProgramData\ORGNAME\scripts\SetDNS.ps1; exit $LastExitCode}” > C:\ProgramData\ORGNAME\scripts\SetDNS.logRun

Run password reset script in task Scheduler as user System

command is powershell

extension is the rest

-ExecutionPolicy Bypass –NoProfile –file PATHTOSCRIPT

-ExecutionPolicy Bypass –NoProfile –Command SHELLCOMMAND

 

There are 3 things to remember to do to prepare Windows 2016 Server as AMI. After doing the Windows Task Scheduler as user SYSTEM

  • Reset DB passwords for apps to reset Db passwords to Instance ID.
  • C:\ProgramData\Amazon\EC2-Windows\Launch\Scripts\InitializeInstance.ps1 -Schedule
  • C:\ProgramData\Amazon\EC2-Windows\Launch\Scripts\SysprepInstance.ps1 -NoShutdown

Might first require running allow PowerShell scripts script

Run the password reset PS scripts with

Source: MongoDB: Setting up Windows Service – Stack Overflow

Leave a Reply