https://community.splunk.com/t5/Security/Splunk-capabilities-rol/m-p/407104#M15042 <P>Hey @jawaharas, thank you very much, that works!!</P> Fri, 26 Jul 2019 18:08:44 GMT julian0125 2019-07-26T18:08:44Z https://community.splunk.com/t5/Security/Splunk-capabilities-rol/m-p/407102#M15040 <P>Hello Splunkers!</P> <P>i have a question, i am unable to search on splunk web that's because accidentaly deleted some capabilities on roles. I was able to log in but i cannot do searches or event see the apps, and also cannot enter to the access control option, appears a 500 internal error server. is there a way to resolve this? Thanks</P> Thu, 25 Jul 2019 20:38:23 GMT https://community.splunk.com/t5/Security/Splunk-capabilities-rol/m-p/407102#M15040 julian0125 2019-07-25T20:38:23Z https://community.splunk.com/t5/Security/Splunk-capabilities-rol/m-p/407103#M15041 <P>If your are facing issue with 'admin' user and if you have access to Splunk installation files try below steps.</P> <PRE><CODE>Navigate to $SPLUNK_HOME\etc\system\local\ path Rename/delete the file 'authorize.conf' (say authorize.conf.bak) Restart Splunk instance </CODE></PRE> Fri, 26 Jul 2019 07:16:27 GMT https://community.splunk.com/t5/Security/Splunk-capabilities-rol/m-p/407103#M15041 jawaharas 2019-07-26T07:16:27Z https://community.splunk.com/t5/Security/Splunk-capabilities-rol/m-p/407104#M15042 <P>Hey @jawaharas, thank you very much, that works!!</P> Fri, 26 Jul 2019 18:08:44 GMT https://community.splunk.com/t5/Security/Splunk-capabilities-rol/m-p/407104#M15042 julian0125 2019-07-26T18:08:44Z