在mongo db4.x 中，或mongo db cluser中，如果admin密碼忘記了，必須按下面的步驟來做。
思路為註釋掉security認證部分，重啟mongo server, 重建admin使用者,再開啟security，重啟mongo server,就OK了

on master and slave mongo DB hosts, 
1) vi /etc/mongod.conf
註釋下面的內容
#security:
# clusterAuthMode: keyFile
# keyFile: /data/mongodb/key/repl_set.key
# authorization: enabled
 
然後重新啟動 mongodb servers 
2) systemctl restart mongod

on master host，  
3) 連線到master上
mongo --host <master MongoDB IP>
MongoDB shell version v4.0.3
connecting to: mongodb://xxxx
Implicit session: session { "id" : UUID("08e62bd1-15e3-4230-bd70-4a1bf2808478") }
MongoDB server version: 4.0.3
bpmRepSet:PRIMARY> 

4) 執行下面的操作去重新建立admin使用者
use admin
db.system.users.find()
db.dropUser("admin")
db.system.users.remove({user:"admin"}) 
db.createUser({user:"admin",pwd:"yourpass",roles:["readWrite"]})
db.grantRolesToUser("admin",[{ role: "clusterAdmin", db: "admin" }]);
db.grantRolesToUser("admin",[{ role: "userAdminAnyDatabase", db: "admin" }]);

on master and slave mongo DB hosts, 
5) vi /etc/mongod.conf
//開啟下面的內容
security:
 clusterAuthMode: keyFile
 keyFile: /data/mongodb/key/repl_set.key
 authorization: enabled
 
然後重新啟動 mongodb servers 
6) systemctl restart mongod

on master host，  
7) 連線到master上
mongo --host <master MongoDB IP>
> use admin
> db.auth("admin","yourpass")

如果允許slave 讀操作，則在slave上執行 rs.slaveOk(); 就OK