Blog
Token
About Us
AiDOOS Wiki
Project Cost Estimation

Welcome to Knowledge Base!

KB at your finger tips

This is one stop global knowledge base where you can learn about all the products, solutions and support features.

Categories
All
CRM
Salesforce
ERP
SAP
Storage and Backups
Purestorage Netapp Nutanix
Cloud
AWS
Computing
IBM
Database
MongoDB MySQL PostgreSQL
DevOps
Docker Kubernetes Jenkins GitLab
Mobile
React Native Android
Web
React Angular PHP
Programming
Python
Database-MongoDB
Configure MongoDB Agent for LDAP — MongoDB Cloud Manager

Configure MongoDB Agent for LDAP¶

On this page

  • Prerequisites
  • Create and Configure User in MongoDB

If your MongoDB deployment enforces access control, the MongoDB Agent must authenticate to MongoDB as a user with the proper access. If you use Automation , Cloud Manager takes care of this for you.

MongoDB Enterprise supports simple and SASL binding to LDAP servers via saslauthd and operating system libraries:

  • MongoDB Enterprise for Linux can bind to an LDAP server either via saslauthd or via operating system libraries.
  • MongoDB Enterprise for Windows can bind to an LDAP server via the operating system libraries.

MongoDB Agent support authenticating to MongoDB instances using LDAP .

Note

With Automation, Cloud Manager manages MongoDB Agent authentication for you. To learn more about authentication, see Enable LDAP Authentication for your Cloud Manager Project .

Prerequisites¶

Configure Deployments to Use Authentication¶

The MongoDB Agent interacts with the MongoDB databases in your deployment as a MongoDB user would. As a result, you must configure your MongoDB deployment and the MongoDB Agent to support authentication.

You can specify the deployment’s authentication mechanisms when adding the deployment, or you can edit the settings for an existing deployment. At minimum, the deployment must enable the authentication mechanism you want the MongoDB Agent to use. The MongoDB Agent can use any supported authentication mechanism .

Set Require TLS Certificate Environment Variable¶

On the MongoDB Agent hosts, you must set the TLS_REQCERT environment variable to demand .

Example

In a Red Hat Enterprise Linux host, open the /etc/openldap/ldap.conf file and add the following setting and value:

copy
copied 
TLS_REQCERT demand

You can use your application to set this environment variable.

Considerations¶

If Automation does not manage your deployment, you must configure LDAP authentication separately for each function.

To configure LDAP authentication , add a host or edit an existing host’s configuration.

Create and Configure User in MongoDB¶

To automate MongoDB instances that use LDAP authentication, add a MongoDB user that possesses the required roles and privileges to the $external database in MongoDB. The $external database allows mongod to consult an external source, such as an LDAP server, to authenticate.

Use the following commands to create the users from mongosh :

copy
copied 
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
 
   db.getSiblingDB("$external").createUser(
     {
       user : "<username>",
       roles : [ 
         { role : "clusterAdmin", db : "admin" },
         { role : "readWriteAnyDatabase", db : "admin" },
         { role : "userAdminAnyDatabase", db : "admin" },
         { role : "dbAdminAnyDatabase", db : "admin" },
         { role : "backup", db : "admin" },
         { role : "restore", db : "admin" }
       ]
     }
   )

To learn more about the required access, see Required Access for MongoDB Agent .

MongoDB Cloud Manager — MongoDB Cloud Manager

MongoDB Cloud Manager ¶

What’s New

  • Support for write operation through the Interact with Your Data .

Welcome to the documentation for MongoDB Cloud Manager. Engineered by the team who develops MongoDB, Cloud Manager provides a complete package for managing MongoDB deployments.

Cloud Manager Overview
Describes Cloud Manager.
Create Deployments
Provision servers and create MongoDB deployments.
Manage Deployments
Manage and update your MongoDB deployments.
Migrate Deployments
Migrate your MongoDB deployments to MongoDB Atlas.
Monitor Your Deployments
Monitor your MongoDB deployments and manage alerts.
Backup and Restore
Initiate and restore backups.
Security
Describes Cloud Manager security features.
MongoDB Agent
View and manage Cloud Manager MongoDB Agent.
Organizations and Projects
Manage Cloud Manager organizations, projects, and users.
Account Management
Manage your Cloud Manager user account.
API
Manage Cloud Manager through the API.
Troubleshooting
Troubleshooting advice for common issues.
Frequently Asked Questions
Common questions about the operation and use of Cloud Manager.
Reference
Reference material for Cloud Manager components and operations.
Release Notes
Changelogs and notes on Cloud Manager releases.
Cloud Manager Licensing
Cloud Manager special licensing.
Read article
Remove a Process from Monitoring — MongoDB Cloud Manager

Remove a Process from Monitoring¶

On this page

  • Monitored Processes
  • Remove a Process from Monitoring

Monitored Processes¶

Removing a process from monitoring means Cloud Manager no longer displays its status or tracks its metrics. You must terminate the deployment’s backups before you can remove a monitored deployment.

Remove a Process from Monitoring¶

Follow this procedure to remove one monitored process from Cloud Manager.

1
2

Click Modify in the cluster from which you want to remove a process.¶

3

In Member Configuration , click the ellipsis icon next to the process that you want to remove and select Remove from Cluster

For replica sets, select Remove from Replica Set . For mongod processes in a sharded replica set, select Remove From Shard . For mongos processes, select Remove from Cluster .

4

Click Remove from Cluster in the verification dialog.¶

For replica sets, select Remove from Replica Set . For mongod processes in a sharded replica set, select Remove From Shard . For mongos processes, select Remove from Cluster .

5

Click Save

6

Click Review & Deploy to review your changes.¶

7

Click Confirm and Deploy to deploy your changes.¶

The process that you removed earlier now appears as a standalone process. However, mongos processes are automatically removed from the cluster and do not appear.

8

Click the ellipsis next to the standalone process, and select Remove from Cloud Manager.¶

Read article
Install the MongoDB Agent to Manage Deployments — MongoDB Cloud Manager

Install the MongoDB Agent to Manage Deployments¶

  • Windows
  • Ubuntu/Debian
  • RHEL/CentOS/SLES/AMZ
  • Linux

You have a project and want to install the MongoDB Agent to manage your MongoDB deployments. You can also monitor and back up your MongoDB deployments following this workflow.

Review the Prerequisites First

Please review the MongoDB Agent Prerequisites before installing the MongoDB Agent.

Use this procedure to install the MongoDB Agent on x86_64 architecture running Microsoft Windows:

1

Log in to the Cloud Manager.¶

2

Begin or Manage a Deployment.¶

Your project has no deployments and you see a prompt to get started.

  1. From the Build New Deployment menu, select the type of deployment you wish to add:

    • New Sharded Cluster
    • New Replica Set
    • New Standalone

  2. If, on the Create New <Deployment> page, Cloud Manager cannot detect any hosts with the MongoDB Agent installed, you see a banner displayed at the top of the Create New <Deployment> page.

    Click the see instructions link.

  3. From the Select Your Server’s Operating System menu, click Windows - MSI .

  4. Click Next .

3

Download the MongoDB Agent.¶

The MongoDB Agent Installation Instructions box displays the following information:

  • Project ID (Required for binding to a project)

  • API Key

    If you do not have an API Key, click plus icon Generate Key .

Some or all of these values are required in a later step. Copy these values then store them where you can access them later.

4

Install the MongoDB Agent.¶

  1. After the MSI downloads, double-click:

    mongodb-mms-automation-agent-<VERSION>.windows_x86_64.msi

  2. If a security warning appears, click Run .

  3. At the Configuration/Log Folder step

    Provide the directory into which these files are saved.

  4. At the Key Type step, select Agent API Key to bind to a specific project .

  5. Enter the appropriate agent keys.

    Note

    These keys are provided in the MongoDB Agent Installation Instructions modal described in the previous step.

    • Type your Project ID into the Project ID field.
    • Type your Agent API Key into the Agent API Key field.

  6. At the MongoDB Paths step, specify the Log and Backup directories

  7. At the Windows Firewall Configuration step, click your preferred firewall configuration.

    If you click Configure firewall rules allowing access from only the specified |ipaddr| addresses. , type the necessary IPv4 addresses into the provided box.

  8. (Conditional) Windows enables Stealth Mode for the Windows Firewall by default. If you have not disabled it on the MongoDB host on which you are installing the MongoDB Agent, you are asked to disable it. Stealth Mode significantly degrades the performance and capability of the MongoDB Agent. Click Disable Stealth Mode .

  9. (Conditional) Windows does not enable Disk Performance Counters by default. If you have not enabled Disk Performance Counters for the MongoDB host, click Enable Disk Performance Counters . The MongoDB Agent uses these counters for some of its hardware monitoring activities.

  10. Click Install .

  11. Click Finish once setup is complete.

5

Finish the installation of the MongoDB Agent.¶

In the Install Agent Instructions modal:

  1. Click Verify Agent to make sure the MongoDB Agent can connect to Cloud Manager.
  2. Click Done .
6

(Optional) Change the location of the MongoDB Agent binaries and configuration backup files.¶

By default, the MongoDB binaries and Cloud Manager configuration backup file are located in %SystemDrive%\MMSMongoDB\versions .

Note

Windows sets the %SystemDrive% environment variable to the drive on which you installed Windows. By default, you would be directed to install Windows on the C: drive. To find your %SystemDrive% , issue with following command from PowerShell:

copy
copied 
get-childitem env:SystemDrive

If you want to store these files in a different directory, follow these procedures:

To change the location of the MongoDB Agent Binaries

  1. Click Deployment , then Agents , and then Downloads & Settings .

  2. Below the Download Directory heading, click edit icon to the right of the path shown in Download Directory (Windows) .

  3. Change the path to the new path you want.

  4. Click Save .

  5. Create the new directory you specified on each host that runs an MongoDB Agent. Use Windows Explorer to move the file or issue the following command from a Command Prompt or PowerShell:

    copy
    copied 
    md \<newPath>

    Important

    Make sure the system user that runs the MongoDB Agent can write to this new directory. This is usually the SYSTEM user, which requires no additional configuration unless you changed the user.

To change the location of the MongoDB Agent configuration backup

  1. Open the MongoDB Agent configuration file in your preferred text editor.

  2. Change the mmsConfigBackup setting to the new path for the configuration backup file. Replace X with the drive letter on which your backup is stored.

    copy
    copied 
    mmsConfigBackup=X:\<newPath>\mms-cluster-config-backup.json

  3. Save the MongoDB Agent configuration file.

  4. Move the configuration backup file to the new directory. Use Windows Explorer to move the file or issue the following command from a Command Prompt or PowerShell:

    copy
    copied 
    move %SystemDrive%\MMSMongoDB\versions\mms-cluster-config-backup.json \<newPath>
7

Repeat the installation procedure for each MongoDB host.¶

Read article
Return All Connected Organizations — MongoDB Cloud Manager

Return All Connected Organizations¶

On this page

  • Required Roles
  • Resource
    • Request Path Parameters
    • Request Query Parameters
    • Request Body Parameters
  • Response
    • Response Document
    • results Embedded Document
  • Example Request
  • Example Response

The federationSettings resource allows you to return all connected organizations for a federated authentication configuration.

Base URL: https://cloud.mongodb.com/api/public/v1.0

Required Roles¶

You must have the Organization Owner role for at least one connected organization in the federation configuration to call this endpoint.

Resource¶ 

GET /federationSettings/{FEDERATION-SETTINGS-ID}/connectedOrgConfigs/

Request Path Parameters¶

Name Type Description
FEDERATION-SETTINGS-ID string Unique 24-hexadecimal digit string that identifies the federated authentication configuration.

Request Query Parameters¶

The following query parameters are optional:

Name Type Necessity Description Default
pageNum number Optional One-based integer that returns a subsection of results. 1
itemsPerPage number Optional Number of items to return per page, up to a maximum of 500. 100
pretty boolean Optional Flag that indicates whether the response body should be in a prettyprint format. false
envelope boolean Optional

Flag that indicates whether or not to wrap the response in an envelope.

Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope : true in the query.

For endpoints that return a list of results, the results object is an envelope. Cloud Manager adds the status field to the response body.

false

Request Body Parameters¶

This endpoint does not use HTTP request body parameters.

Response¶

Response Document¶

The response JSON document includes an array of result objects, an array of link objects and a count of the total number of result objects retrieved.

Name Type Description
results array of objects One object for each item detailed in the results Embedded Document section.
links array of objects One or more links to sub-resources and/or related resources. All links arrays in responses include at least one link called self . The relationships between URL s are explained in the Web Linking Specification .
totalCount integer Count of the total number of items in the result set. It may be greater than the number of objects in the results array if the entire result set is paginated.

results Embedded Document¶

Each document in the result array contains the federated authentication configuration for each connected organization.

Name Type Description
domainAllowList array List that contains the approved domains from which organization users can log in.
domainRestrictionEnabled boolean

Flag that indicates whether domain restriction is enabled for the connected organization.

Note

userConflicts returns null when "domainRestrictionEnabled": false .

identityProviderId string Unique 20-hexadecimal digit string that identifies the identity provider associated with the connected organization.
orgId string Unique 24-hexadecimal digit string that identifies the connected organization.
postAuthRoleGrants array List that contains the default roles granted to users who authenticate through the IdP in a connected organization.
roleMappings array List that contains the role mappings configured in this organization.
userConflicts array

List that contains the usernames that don’t match any domain on the allowed list.

Note

userConflicts returns null when "domainRestrictionEnabled": false .

Example Request¶

copy
copied 
curl --user "{PUBLIC-KEY}:{PRIVATE-KEY}" --digest \
     --header "Accept: application/json" \
     --header "Content-Type: application/json" \
     --include \
     --request GET "https://<OpsManagerHost>:<Port>/api/public/v1.0/federationSettings/{FEDERATION-SETTINGS-ID}/connectedOrgConfigs"

Example Response¶ 

{
 "links": [
     {
         "href": "https://<OpsManagerHost>:<Port>/api/public/v1.0/federationSettings/{FEDERATION-SETTINGS-ID}/connectedOrgConfigs?pageNum=1&itemsPerPage=100",
         "rel": "self"
     }
 ],
 "results": [
     {
         "domainAllowList": [],
         "domainRestrictionEnabled": false,
         "identityProviderId": null,
         "orgId": "5f86fb11e0079069c9ec3132",
         "postAuthRoleGrants": [],
         "roleMappings": [],
         "userConflicts": null
     }
 ],
 "totalCount": 1
}
Read article
Disks — MongoDB Cloud Manager

Disks¶

Retrieves the disks and disk partitions on which MongoDB runs.

Base URL: https://cloud.mongodb.com/api/public/v1.0

Endpoints¶

The following endpoints are available for hosts .

Method Endpoint Description
GET /groups/{PROJECT-ID}/hosts/{HOST-ID}/disks Retrieves all disk partitions on the specified host.
GET /groups/{PROJECT-ID}/hosts/HOST-ID/disks/{PARTITION-NAME} Retrieves a single disk parition.
Read article