Based on the documentation and answer 8519, it is unclear that both the admin password has to have been changed, and allowRemoteLogin=always must be set in order to execute CLI commands remotely. However, experimentation with Splunk 4.1.4 shows that both must be true. All forwarders are lightweight and using the forwarder license. They simply need to have the deploy client set:
"c:\program files\Splunk\bin\splunk" Set deploy-poll splunk:8089 -auth admin:changeme
I have 274 servers that need to be upgraded, and with this new limitation it appears that I will have to logon to each to complete the install. Any suggestions for a workaround would be appreciated.
Back to the old deployment method - copy conf files. In this case only deploymentclient.conf needed to be copied.
Back to the old deployment method - copy conf files. In this case only deploymentclient.conf needed to be copied.
PSExec is what I'm using.
Script it! Puppet on Linux and a simple batch script + psexec on Windows. Have the script pull the correct conf file from the network and restart splunk.
It is a bit of a chicken-egg situation. You can't change the password via the CLI because you're using the default password, as you've discovered. The short answer is that you're going to have to issue the command to change the passwords locally. You could probably accomplish this with a tool like puppet which would allow you to download and run the script at boot time.