Hi, If we create roles and users and index based permissions with trial version of enterprise and after that trail is over, can we disable enterprise modules and use the same roles and users in community mode…?? will that work or only admin role will work in community mode??
How to remove admin user from sg??
How to change password of admin user…??
Hi @sivakumarreddy2026
The roles, users and index based permissions will work, as these are part of the Community edition, the recommended approach would be to back up all of your configurations to a yaml file prior to making any changes with modules, just in case.
This is very easily done using the sgadmin.sh script with -r (–retrieve) argument, see example below:
./sgadmin.sh -icl -key "path/to/config/kirk-key.pem" -cert "path/to/config/kirk.pem" -cacert "path/to/config/root-ca.pem" -nhnv -r
If these are saved to sgconfig folder, they can then be loaded back to SG index using below command:
./sgadmin.sh -cd "path/to/plugins/search-guard-7/sgconfig" -icl -key "path/to/config/kirk-key.pem" -cert "path/to/config/kirk.pem" -cacert "path/to/config/root-ca.pem" -nhnv
To remove admin user, simple delete (or comment) the lines in the internal_users.yml file and re-upload using above command, please note if you made changes via UI or API, these will be overwritten, therefore backup is again advised.
In order to change the password, please use the hash.sh script provided to generate the necessary string and update the internal_users.yml file same way as mentioned above. Don’t forget to re-upload the configuration after.
by running sgadmin.sh we are getting
Error:could not load main class com.floragunn.searchguard.tools.SearchGuardAdmin error
added java_home as elasticsearch jdk path but no use
tried below command with sgadmin_demo.sh
#!/bin/bash
export JAVA_HOME=…/elasticsearch/elasticsearch-7.10.2/jdk
“…/elasticsearch/elasticsearch-7.10.2/plugins/search-guard-7/tools/sgadmin.sh” -cd “…/elasticsearch/elasticsearch-7.10.2/plugins/search-guard-7/sgconfig” -icl -key “…/elasticsearch/elasticsearch-7.10.2/config/kirk-key.pem” -cert “…/elasticsearch/elasticsearch-7.10.2/config/kirk.pem” -cacert “…/elasticsearch/elasticsearch-7.10.2/config/root-ca.pem” -nhnv
still no use
This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.