Users gone after using securityadmin.sh

Hi,

whenever I change users and roles in Kibana everything works fine and is written to .opendistro security index.

However, when I run .securityadmin.sh all users are reset and all roles I have set are also gone.

securityadmin.sh -h hostname.local -cd …/securityconfig/ -icl -nhnv -cacert /etc/elasticsearch/root-ca.pem -cert /etc/elasticsearch/admin.pem -key /etc/elasticsearch/admin-key.pem

Is there a way to reload via securityadmin.sh but keep the changes i made via kibana?

you are reloading the entire /securityconfig/ directory which contains the default roles.yml …etc… use the -f flag and specify config.yml instead of the entire dir

So i will lose configuration from kibana when i use securityadmin.sh?

I use ldap for authenticate my user in OD. do i need to setup every role and mapping again after running the script?

Can i export the settings i did to the .yml files?

So i will lose configuration from kibana when i use securityadmin.sh?

No, if you only load the config.yml instead of the entire /securityconfig/ dir you will retain your configured Kibana roles

do i need to setup every role and mapping again after running the script?

No

Can i export the settings i did to the .yml files?

You can back up the User and Roles files https://opendistro.github.io/for-elasticsearch-docs/docs/security-configuration/security-admin/#backup-restore-and-migrate

Here is the script I use when I reboot my cluster that does not erase any of the users and roles

./securityadmin.sh -h YOUR-HOST -cn YOUR-CLUSTER-NAME -f ../securityconfig/config.yml -nhnv -cacert ../../../config/root-ca.pem -cert ../../../config/admin.pem -key ../../../config/admin-key.pem
1 Like