NetWitness 11.x NRT Backup Fails during Mongo DB Dump Process

Issue

The following Mongo dump command fails on the newly activated primary server when trying to dump Mongo database.

 mongodump --ssl --sslAllowInvalidHostnames --sslPEMKeyFile=/etc/pki/nw/node/nodeadmin.pem --sslCAFile=/etc/pki/nw/trust/truststore.pem --authenticationDatabase=\$external --authenticationMechanism=MONGODB-X509 --out=/var/netwitness/login-extraction/mongo --gzip

The following error throws up while trying to dump Mongo databases:

 Failed: error creating intents to dump: error intents for database config: error getting collections fro database config: (Unauthorized) not authorized on config to execute command { listCollections: 1. filter: {}, lsid { id: UUID("<UUID>"), db: "config" }

Cause

The newly activated (previous standby) server cannot run a sync to the new standby server since the backup role permissions are not set.

Resolution

Execute the following commands on the Admin Node to add role permissions to the x509 user in Mongo $external database:

1. Login to mongo databse:

 mongo admin -u deploy_admin -p [deploy_admin password]

2. Execute the following commands:

 #use $external
#db.grantRolesToUser('CN=node-admin.<UUID>,OU=NetWitness System,O=RSA,L=Reston,ST=VA,C=US', [{ role: "restore", db: "admin" }])
#db.grantRolesToUser('CN=node-admin.<UUID>,OU=NetWitness System,O=RSA,L=Reston,ST=VA,C=US', [{ role: "backup", db: "admin" }])
#db.grantRolesToUser('CN=node-admin.<UUID>,OU=NetWitness System,O=RSA,L=Reston,ST=VA,C=US', [{ role: "clusterManager", db: "admin" }])

Product Details

RSA Product Set: NetWitness Platform
RSA Product/Service Type: RSA NetWitness Platform
RSA Version/Condition: 11.6.x,11.7.X
Platform: CentOS
O/S Version: 7

Approval Reviewer Queue

Technical approval queue