Set User Credentials for General Ledger Utilities

Set user credentials for General Ledger (GL) utilities to connect to your MongoDB system. If you use multi-tenancy, you must set user credentials for each MongoDB-based Event Repository.

About this task

The MATRIXX GL utilities must connect to your MongoDB system to process MATRIXX events stored in the Event Repository and store GL daily summary records in a MongoDB database. When authorization is enabled on your MongoDB system, every connection to a MongoDB server requires a username and password with the appropriate access privileges. Setting user credentials for GL utilities involves:

Creating a MongoDB user in your MongoDB system to be used by both of the GL utilities and setting the username for this user in each GL utility properties file. If you use multi-tenancy, you might need to set user credentials more than once because multiple Event Repositories can be set up in the same MongoDB instance. MATRIXX support recommends one MongoDB user per tenant Event Repository. Each MongoDB user is given permission to access its own tenant Event Repository.
Encrypting the password given to the MongoDB user in each GL utility properties file.
Each GL utility gets the user ID and password required to connect to the MongoDB servers from its properties file.
(If needed) Resetting the password that a GL utility uses to connect to the MongoDB servers.

Procedure

Create a MongoDB user to be used by the GL utilities:
1. Start a mongo shell and connect to the primary mongod of your Event Repository.
  mongo
2. Add the GL utility (client) user by entering the following commands. Replace the value of the pwd field with your own password:
```
use admin

db.createUser(
    {
        user: "MtxApp",
        pwd: "your_password",
        roles: [{role: "read", db: "MtxEventDatabase"}, {role: "readWrite", db: "MtxGlDatabase"}]
    }
)
exit
```
  The password for the MtxApp user is required when you run the GL utilities to encrypt this password in each utility's properties file.
  
  Note: If special characters are used in the username or password when creating the MongoDB user, you must encode each special character to URL encoded format (percent encoding) when you set these credentials in GL utility configurations. For more information, see the discussion about URL encoding for special characters in MongoDB user names and passwords. To avoid URL encoding, use only alpha-numeric characters in MongoDB user names and passwords.
  If you use multi-tenancy, on the MongoDB instance for each tenant, you must also create a MongoDB user to be used for running the GL utilities. Assign the following roles to new users:
  - read role to the tenant's Event Repository.
  - readWrite to the tenant's GL database.

Encrypt the password of the MongoDB user created for the GL utilities:

Log into the machine from which you run the GL utilities and, before you use the utilities, run each utility once with its -p option:
```
java -jar /opt/mtx/bin/gl_processor.jar -p password gl_processor.yaml [tenantId]
java -jar /opt/mtx/bin/gl_posting.jar -p password gl_posting.yaml [tenantId]
```
where:
- password is the password given to the MongoDB user that was created for the GL utilities. If special characters were used in the password when creating the MongoDB user, you must encode each special character to URL encoded format here.
- gl_processor.yaml is the properties file for the gl_processor.jar utility.
- gl_posting.yaml is the properties file for the gl_posting.jar utility.
- tenantId is the tenant Event Repository to process events.

(If needed) Reset the password GL utilities use to connect to the MongoDB servers:

If you must reset the password, change the password for the MtxApp user in the MongoDB system and then run the utilities with the -p option using the new password you set for the MtxApp user in MongoDB.
Repeat these steps for each MongoDB instance, whether it is the base or the tenant instance.