If basic authentication is used, Is there a way to export users(accounts) defined with Kibana ?
If yes, is it possible to import the same list again?
Hello davor_mk !
You can use the securityadmin.sh tool found at :
/usr/share/elasticsearch/plugins/opendistro_security/tools/securityadmin.sh
First read the official documentation : [Open Distro for Elasticsearch ] Security Admin tool documentation
If you want to export internal_users file configuration, you can use the tool like that :
I’m using the default demo certificates.
- Make a temporary directory (E.g. : /tmp/backup)
- Use the securityadmin tool to extract, export configuration files
- You will have the 5 config files, action_groups, internal_users, config, roles, roles_mappings
- You can then modify internal_users file (don’t forget to do a backup in case you mess up)
- Use the tool again to import a specific configuration file
mkdir /tmp/backup
To extract the configuration files :
/usr/share/elasticsearch/plugins/opendistro_security/tools/securityadmin.sh -cacert /etc/elasticsearch/root-ca.pem -cert /etc/elasticsearch/kirk.pem -key /etc/elasticsearch/kirk-key.pem -icl -nhnv -cd /tmp/backup -r
Then you have to remove the date from the .yml files that is added at the end of it because the plugin only accept these filenames action_groups, internal_users, config, roles, roles_mappings.
To import the specific configuration file :
/usr/share/elasticsearch/plugins/opendistro_security/tools/securityadmin.sh -cacert /etc/elasticsearch/root-ca.pem -cert /etc/elasticsearch/kirk.pem -key /etc/elasticsearch/kirk-key.pem -icl -nhnv -t internalusers -f /tmp/backup/internal_users.yml
Hope it’s clear enough, have a good day 
Thi
1 Like
Hi @davor_mk did you manage to get it working using the securityadmin.sh method mentioned above?
I got it worked with different path. odfe 1.9 = es oss 7.8.0
mkdir /tmp/backup
To extract the configuration files :
/usr/share/elasticsearch/plugins/opendistro_security/tools/securityadmin.sh -cacert /usr/share/elasticsearch/config/root-ca.pem -cert /usr/share/elasticsearch/config/kirk.pem -key /usr/share/elasticsearch/config/kirk-key.pem -icl -nhnv -cd /tmp/backup -r
Then you have to remove the date from the .yml files that is added at the end of it because the plugin only accept these filenames action_groups, internal_users, config, roles, roles_mappings.
To import the specific configuration file :
/usr/share/elasticsearch/plugins/opendistro_security/tools/securityadmin.sh -cacert /usr/share/elasticsearch/config/root-ca.pem -cert /usr/share/elasticsearch/config/kirk.pem -key /usr/share/elasticsearch/config/kirk-key.pem -icl -nhnv -t internalusers -f /tmp/backup/internal_users.yml