I'm trying to update the roles of a user.
So I tried the following command with the admin-user (which has the dbOwner and userAdmin priv. and is created directly on the UnitTestDb)
db.runCommand({ "updateUser" : "unittestuser1", "roles" : [{ "role" : "Testentity_readwrite", "db" : "UnitTestDb" }, { "role" : "Testentity_read", "db" : "UnitTestDb" }] }
I'm running this command directly on the "UnitTestDb" and the role "Testentity_read" is also directly created in this database.
I'm getting the following error:
{
"ok" : 0,
"errmsg" : "not authorized on UnitTestDb to execute command { updateUser: \"unittestuser1\", roles: [ { role: \"Testentity_readwrite\", db: \"UnitTestDb\" }, { role: \"Testentity_read\", db: \
"UnitTestDb\" } ] }", "code" : 13 }
I am able to update the customData for the user but not the role...
Can someone tell me which privilege or role my admin user needs to execute this update?
dbOwner should have full access to database he was created on ( from mongodb.org: The database owner can perform any administrative action on the database. This role combines the privileges granted by the readWrite, dbAdmin and userAdmin roles.)
Tobias
