https://community.splunk.com/t5/Security/Why-does-setup-xml-with-encrypted-credentials-fail-on-re-run/m-p/305429#M8070 <P>I got one solution here,</P> <P>If you know username then create 'passwords.conf' in default directory containing,</P> <PRE><CODE>[credential::user_name:] </CODE></PRE> <P>and in setup.xml use entity "user_name" instead of "_new"</P> <PRE><CODE>&lt;block title="Public Key" endpoint="storage/passwords" entity="user_name*" mode="iter" eai_strict="false"&gt; </CODE></PRE> Tue, 29 Sep 2020 19:42:51 GMT mkhan_splunk 2020-09-29T19:42:51Z https://community.splunk.com/t5/Security/Why-does-setup-xml-with-encrypted-credentials-fail-on-re-run/m-p/305428#M8069 <P>It's unclear to me how to allow users to change a stored password via <CODE>setup.xml</CODE>.</P> <P>The "Setup page example with user credentials" (<A href="http://dev.splunk.com/view/SP-CAAAE9B#creds">http://dev.splunk.com/view/SP-CAAAE9B#creds</A>) works fine for initially configuring the app I'm developing; I can see that an entry gets created in <CODE>/servicesNS/nobody/&lt;appname&gt;/storage/passwords</CODE>.</P> <P>However, upgrading the app ("Install app from file" / [x] Upgrade app) prompts me to enter Setup again after app upgrade. This time, the credential post fails with the error:</P> <PRE><CODE>Encountered the following error while trying to update: Error while posting to url=/servicesNS/nobody/&lt;appname&gt;/storage/passwords/ </CODE></PRE> <P>Meanwhile, splunkd.log displays the error:</P> <PRE><CODE>SetupAdminHandler - Cannot find field='name' in url='/storage/passwords/_new/' setting value to empty string SetupAdminHandler - Cannot find field='name' in url='/storage/passwords/_new/' setting value to empty string SetupAdminHandler - Error while posting to url=/servicesNS/nobody/&lt;appname&gt;/storage/passwords/ </CODE></PRE> <P>I presume this is because a password has already been saved in the <CODE>storage/passwords</CODE> store, and my setup.xml block refers to the <CODE>_new</CODE> entity, i.e:</P> <PRE><CODE>&lt;block title="Script credentials" endpoint="storage/passwords" entity="_new"&gt; </CODE></PRE> <P>I've seen suggestions about using a custom endpoint to accomplish this better, and advice that users should manually clear settings from <CODE>local/passwords.conf</CODE> files during an upgrade/before changing their username/password. The latter seems unideal (some users may not have filesystem access to their splunk instance), and the former feels like overkill.</P> <P>What I'm basically looking for is "create or update" logic when using the <CODE>storage/passwords</CODE> endpoint. Is there a streamlined/best-practice way to accomplish this without having to implement this logic in conjunction with a custom endpoint? This feels like the type of thing that should be a pretty common occurrence, so I'm surprised that I haven't found anything in the documentation about it.</P> Thu, 16 Feb 2017 00:51:33 GMT https://community.splunk.com/t5/Security/Why-does-setup-xml-with-encrypted-credentials-fail-on-re-run/m-p/305428#M8069 ssanborn 2017-02-16T00:51:33Z https://community.splunk.com/t5/Security/Why-does-setup-xml-with-encrypted-credentials-fail-on-re-run/m-p/305429#M8070 <P>I got one solution here,</P> <P>If you know username then create 'passwords.conf' in default directory containing,</P> <PRE><CODE>[credential::user_name:] </CODE></PRE> <P>and in setup.xml use entity "user_name" instead of "_new"</P> <PRE><CODE>&lt;block title="Public Key" endpoint="storage/passwords" entity="user_name*" mode="iter" eai_strict="false"&gt; </CODE></PRE> Tue, 29 Sep 2020 19:42:51 GMT https://community.splunk.com/t5/Security/Why-does-setup-xml-with-encrypted-credentials-fail-on-re-run/m-p/305429#M8070 mkhan_splunk 2020-09-29T19:42:51Z