** On behalf of a user of Slack**
“Hi Folks,If I update a user password using dashboards password reset UI, will it also update the hash in internal_users.yml or just in .opendistro_security ?I cannot update the password for kibanaserver user and it has full access to .kibana index, meaning if a user logs in with kibanaserver then they can create and delete dashboards.
Is this expected behavior?”
Hi rishabh singh,
Password reset on UI will NOT update the internal_users.yml be sure to use /securityadmin.sh -backup my-backup-directory to back up your current configuration before and after changes in UI please see more here (pay attention to “A word of caution”) :
When it comes to kibanaserver user you can update the password in internal_users.yml see how to generate password hash here: YAML files - OpenSearch documentation , see how to Applying changes to configuration files here: Applying changes to configuration files - OpenSearch Documentation .
Let me know if you have any questions.
Best,
mj