I disabled for a particular role the read permission on search app. The problem is users with that role can't change their password; in Edit Account you can see nothing.
How can I disable the search app and continue to allow users with that role to change their settings?
Hi,
The UIs for user password changes by default are stored within the "search" app. So when you remove the read access to this app there is no way to render the ui for that user. Try copying the xml from the default search app.... usually:
$SPLUNK_HOME/search/default/data/ui/manager/authentication_change_user_password.xml
to the default app set for the specific user role. Use the same path ... create "manager" dir if necessary.
Also assuming that your user role has the change_own_password
capability set... as it seems like it was working before. Hopefully this should fix the issue for you.
Hi,
The UIs for user password changes by default are stored within the "search" app. So when you remove the read access to this app there is no way to render the ui for that user. Try copying the xml from the default search app.... usually:
$SPLUNK_HOME/search/default/data/ui/manager/authentication_change_user_password.xml
to the default app set for the specific user role. Use the same path ... create "manager" dir if necessary.
Also assuming that your user role has the change_own_password
capability set... as it seems like it was working before. Hopefully this should fix the issue for you.
It doesn't work. It seems Splunk uses only the page located under the search app, it doesn't search for "alternatives".
I just did a quick test and it did work on my side. Notice that when you set a default app for the role the url automatically changes for that app. Eg:
http://ursplunk/en-US/manager/**search**/authentication/changepassword/admin?action=edit
vs
http://ursplunk/en-US/manager/**launcher**/authentication/changepassword/test?action=edit
This is what I did if it can help:
copied the xml file
cd $SPLUNK_HOME/etc/apps/launcher/default/data/ui/
mkdir manager
cd manager
cp -v $SPLUNK_HOME/etc/apps/search/default/data/ui/manager/authentication_change_user_password.xml .
Added a user "test" and assigned the role "testr"
Made sure "launcher" was set as his default app.
restarted splunk $SPLUNK_HOME/bin/splunk restart
Logged in as test user and tried the "edit account" was successfully presented the option to change.
You're right, I missed to change the default app. And since I'm on Linux I could create a soft link to authentication_change_user_password.xml
.
Alternatively I could also add the link to all the apps the role can use and see, as well as the launcher
one.
I think that if I'll have time I'll create a custom "Edit Account" page using Python SDK, since the app is a django app and we added custom user preferences.
Thank you! Ran into this problem today while trying to restrict permissions for users to only have access to my app, but also have the ability to change their password. This worked great!