The following Mongo dump command fails on the newly activated primary server when trying to dump Mongo database.
mongodump --ssl --sslAllowInvalidHostnames --sslPEMKeyFile=/etc/pki/nw/node/nodeadmin.pem --sslCAFile=/etc/pki/nw/trust/truststore.pem --authenticationDatabase=\$external --authenticationMechanism=MONGODB-X509 --out=/var/netwitness/login-extraction/mongo --gzip
The following error throws up while trying to dump Mongo databases:
Failed: error creating intents to dump: error intents for database config: error getting collections fro database config: (Unauthorized) not authorized on config to execute command { listCollections: 1. filter: {}, lsid { id: UUID("<UUID>"), db: "config" }
Execute the following commands on the Admin Node to add role permissions to the x509 user in Mongo $external database:
1. Login to mongo databse:
mongo admin -u deploy_admin -p [deploy_admin password]
2. Execute the following commands:
#use $external
#db.grantRolesToUser('CN=node-admin.<UUID>,OU=NetWitness System,O=RSA,L=Reston,ST=VA,C=US', [{ role: "restore", db: "admin" }])
#db.grantRolesToUser('CN=node-admin.<UUID>,OU=NetWitness System,O=RSA,L=Reston,ST=VA,C=US', [{ role: "backup", db: "admin" }])
#db.grantRolesToUser('CN=node-admin.<UUID>,OU=NetWitness System,O=RSA,L=Reston,ST=VA,C=US', [{ role: "clusterManager", db: "admin" }])
