1.mongodb4.0.4在windows7 64b x86安裝好之後，在mongodb目錄下（或者其他目錄）

建立db目錄（資料庫的資料儲存目錄），

log目錄，./log/mongo.log檔案（日誌檔案），

./mongod.cfg檔案（mongodb有一種啟動方式需要這個配置檔案作為啟動引數）：

systemLog:
    destination: file
    path: d:\mongodata\log\mongo.log
storage:
    dbPath: d:\mongodata\db
還有一些引數沒有配置，如“security: authorization: enabled”，表示需要通過使用者密碼驗證後進入mongo.exe(mongo客戶端），這裡省略表示可以隨意訪問mongodb

 2.mongo的服務端啟動方式：

在bin目錄可以通過mongod --help檢視mongod的命令引數

     --bind_ip  127.0.0.1    預設為127.0.0.1

     --port  27017  預設為27017， web 訪問埠，預設加1000

     --logpath  "D:\..."   指定日誌輸出路徑，預設為控制檯，windows中寫入服務時必須指定，linux中啟動時也必須指定

    --auth  以啟用使用者認證方式啟動資料庫

    --rest 可以開啟api

    --config  ./server.conf              指定配置檔案的位置（必須寫成絕對路徑）

啟動/關閉方式1：註冊安裝服務+conf檔案+net start xxx

(1)註冊服務，開啟通訊

>mongod --logpath "d:\mongodata\log\mongodb.log" --logappend -dbpath "d:\mongodata\db" --conf "d:\mongodb\mongd.conf" --serviceName "MongoDB01"  --install

>net start MongoDB01

服務名稱"MongoDB01"是自己定義的

此時伺服器在後臺成功註冊並且啟動網路通訊模組，可以通過mongo.exe命令連線服務端(without authentication)，或java的driver連線mongo (without authentication)

(2)關閉通訊，移除服務

>net stop MongoDB01

>mongod --remove --serviceName "MongoDB01"

此時無法連線mongodb

啟動/關閉方式2：前臺臨時啟動（cmd關閉或ctrl+c即可關閉服務）

>mongod --logpath "d:\mongodata\log\mongodb.log" --logappend -dbpath "d:\mongodata\db" --conf "d:\mongodb\mongd.conf" --serviceName "MongoDB01"

【mongodb 伺服器關閉】

>use admin

>db.shutdownServer(

 3.新增使用者名稱密碼許可權註冊（如果之前有install的服務，需要將之前註冊服務啟動的服務remove掉）：

注意db.addUser()方法已經deprecated,無法繼續使用

As per MongoDB BOL Enable Auth With access control enabled, ensure you have a user with userAdmin or userAdminAnyDatabase role in the admin database. This user can administrate user and roles such as: create users, grant or revoke roles from users, and create or modify customs roles.

You can create users either before or after enabling access control. If you enable access control before creating any user, MongoDB provides a localhost exception which allows you to create a user administrator in the admin database. Once created, you must authenticate as the user administrator to create additional users as needed.

Procedure

Here is the following procedure through which you can Enable Auth. First adds a user administrator to a MongoDB instance running without access control and then enables access control.

mongod --port 27017 --dbpath /data/db1

C:\Program Files\MongoDB\Server\3.6\bin>mongod --auth --port 27017 --dbpath /data/db1 2018-01-02T00:04:21.038-0700 I CONTROL [initandlisten] MongoDB starting : pid=8048 port=27017 dbpath=/data/db1 64-bit host=ACSD140013 2018-01-02T00:04:21.038-0700 I CONTROL [initandlisten] targetMinOS: Windows 7/Windows Server 2008 R2 2018-01-02T00:04:21.039-0700 I CONTROL [initandlisten] db version v3.6.0 2018-01-02T00:04:21.039-0700 I CONTROL [initandlisten] git version: a57d8e71e6998a2d0afde7edc11bd23e5661c915 2018-01-02T00:04:21.039-0700 I CONTROL [initandlisten] OpenSSL version: OpenSSL 1.0.1u-fips 22 Sep 2016 2018-01-02T00:04:21.039-0700 I CONTROL [initandlisten] allocator: tcmalloc 2018-01-02T00:04:21.039-0700 I CONTROL [initandlisten] modules: none 2018-01-02T00:04:21.039-0700 I CONTROL [initandlisten] build environment: 2018-01-02T00:04:21.039-0700 I CONTROL [initandlisten] distmod: 2008plus-ssl 2018-01-02T00:04:21.040-0700 I CONTROL [initandlisten] distarch: x86_64 2018-01-02T00:04:21.040-0700 I CONTROL [initandlisten] target_arch: x86_64 2018-01-02T00:04:21.040-0700 I CONTROL [initandlisten] options: { net: { port: 27017 }, security: { authorization: "enabled" }, storage: { dbPath: "/data/db1" } } 2018-01-02T00:04:21.044-0700 I - [initandlisten] Detected data files in /data/db1 created by the 'wiredTiger' storage engine, so setting the active storage engine to 'wiredTiger'. 2018-01-02T00:04:21.044-0700 I STORAGE [initandlisten] wiredtiger_open config: create,cache_size=1508M,session_max=20000,eviction=(threads_min=4,threads_max=4),config_base=false,statistics=(fast),log=(enabled=true,archive=true,path=journal,compressor=snappy),file_manager=(close_idle_time=100000),statistics_log=(wait=0),verbose=(recovery_progress), 2018-01-02T00:04:21.557-0700 I STORAGE [initandlisten] WiredTiger message [1514876661:556397][8048:140720576475904], txn-recover: Main recovery loop: starting at 1/35584 2018-01-02T00:04:21.677-0700 I STORAGE [initandlisten] WiredTiger message [1514876661:676479][8048:140720576475904], txn-recover: Recovering log 1 through 2 2018-01-02T00:04:21.792-0700 I STORAGE [initandlisten] WiredTiger message [1514876661:792524][8048:140720576475904], txn-recover: Recovering log 2 through 2 2018-01-02T00:04:23.008-0700 I CONTROL [initandlisten] 2018-01-02T00:04:23.008-0700 I CONTROL [initandlisten] ** WARNING: This server is bound to localhost. 2018-01-02T00:04:23.009-0700 I CONTROL [initandlisten] ** Remote systems will be unable to connect to this server. 2018-01-02T00:04:23.010-0700 I CONTROL [initandlisten] ** Start the server with --bind_ip <address> to specify which IP 2018-01-02T00:04:23.010-0700 I CONTROL [initandlisten] ** addresses it should serve responses from, or with --bind_ip_all to 2018-01-02T00:04:23.010-0700 I CONTROL [initandlisten] ** bind to all interfaces. If this behavior is desired, start the 2018-01-02T00:04:23.010-0700 I CONTROL [initandlisten] ** server with --bind_ip 127.0.0.1 to disable this warning. 2018-01-02T00:04:23.011-0700 I CONTROL [initandlisten] 2018-01-02T00:04:23.011-0700 I CONTROL [initandlisten] 2018-01-02T00:04:23.011-0700 I CONTROL [initandlisten] ** WARNING: The file system cache of this machine is configured to be greater than 40% of the total memory. This can lead to increased memory pressure and poor performance. 2018-01-02T00:04:23.011-0700 I CONTROL [initandlisten] See http://dochub.mongodb.org/core/wt-windows-system-file-cache 2018-01-02T00:04:23.012-0700 I CONTROL [initandlisten] 2018-01-02T10:04:23.320+0300 I FTDC [initandlisten] Initializing full-time diagnostic data capture with directory '/data/db1/diagnostic.data' 2018-01-02T10:04:23.322+0300 I NETWORK [initandlisten] waiting for connections on port 27017 2018-01-02T10:05:09.214+0300 I NETWORK [listener] connection accepted from 127.0.0.1:64482 #1 (1 connection now open)

Connect to the instance

For example, connect a mongo shell to the instance.

mongo --port 27017

Specify additional command line options as appropriate to connect the mongo shell to your deployment, such as --host.

Create the user administrator

For example here in the admin database, add a user with the userAdminAnyDatabase role. For example, the following creates the user myUserAdmin in the admin database:

> use admin
switched to db admin > use admin switched to db admin > db.createUser( ... { ... user: "mongoadmin", ... pwd: "mongoadmin", ... roles: [ { role: "userAdminAnyDatabase", db: "admin" } ] ... } ... ) Successfully added user: { "user" : "mongoadmin", "roles" : [ { "role" : "userAdminAnyDatabase", "db" : "admin" } ] }

NOTE: The database where you create the user (in this example, admin) is the user’s authentication database. Although the user would authenticate to this database, the user can have roles in other databases; i.e. the user’s authentication database does not limit the user’s privileges.

Disconnect the mongo shell.

Re-start the MongoDB instance with access control

Re-start the mongod instance with the --auth command line option or, if using a configuration file, the security.authorization setting.

mongod --auth --port 27017 --dbpath /data/db1

Clients that connect to this instance must now authenticate themselves as a MongoDB user. Clients can only perform actions as determined by their assigned roles.

Connect and authenticate as the user administrator

Using the mongo shell, you can:

• Connect with authentication by passing in user credentials, or

• Connect first withouth authentication, and then issue the db.auth() method to authenticate.

To authenticate during connection Start a mongo shell with the -u <username>, -p <password>, and the --authenticationDatabase <database> command line options:

C:\Program Files\MongoDB\Server\3.6\bin>mongo --port 27017 -u "mongoadmin" -p "mongoadmin" --authenticationDatabase "admin" MongoDB shell version v3.6.0 connecting to: mongodb://127.0.0.1:27017/ MongoDB server version: 3.6.0 Welcome to the MongoDB shell. For interactive help, type "help". For more comprehensive documentation, see http://docs.mongodb.org/ Questions? Try the support group http://groups.google.com/group/mongodb-user 2018-01-02T10:05:09.248+0300 I STORAGE [main] In File::open(), CreateFileW for 'H:\\.mongorc.js' failed with Access is denied.

To authenticate after connecting

Connect the mongo shell to the mongod:

mongo --port 27017

Switch to the authentication database (in this case, admin), and use db.auth(, ) method to authenticate:

> use admin
switched to db admin > db.auth("mongoadmin","mongoadmin") 1 >

開啟許可權驗證
在配置檔案中新增.

security:
    authorization: enabled
參考：https://blog.csdn.net/u013066244/article/details/53874216
https://www.cnblogs.com/zhoujinyi/p/4610050.html