https://community.splunk.com/t5/Splunk-Enterprise/Update-authentication-conf-by-Pushing-an-app-From-Deployer-to/m-p/648190#M16647 <P>Hi</P><P>you cannot push anything from deployer to SHC's members .../etc/system/local.</P><P>The correct way it use separate app for SHC generic configurations and put those there. Then you must remove everything what has added via GUI from .../etc/system/local/authentication.conf. You could try to clean your local changes by GUI and check if those are removed from fs. If not then the last option is stop your SHC and then remove those by hand from files one by one.</P><P>When you have SHC or actually any other SH the best practices is use e.g. AD or any SAML authentication to manage your users in any corporate environments. Then you should have this kind of policies implemented already on your master IDM system.</P><P>You could change password e.g. like this&nbsp;<A href="https://community.splunk.com/t5/Getting-Data-In/how-to-change-user-password-using-rest-url-without-using-curl/m-p/232785" target="_blank">https://community.splunk.com/t5/Getting-Data-In/how-to-change-user-password-using-rest-url-without-using-curl/m-p/232785</A>&nbsp;Just replace localhost with your SHC REST api address.</P><P>r. Ismo</P> Mon, 26 Jun 2023 11:10:32 GMT isoutamo 2023-06-26T11:10:32Z https://community.splunk.com/t5/Splunk-Enterprise/Update-authentication-conf-by-Pushing-an-app-From-Deployer-to/m-p/648168#M16646 <P>Hello,</P> <P>I have a task with two steps&nbsp;</P> <OL> <LI>Create an app taht will increase local account password complexity from 8 chars to 18chars , push it from deployer to SHC</LI> <LI>Using REST API Calls Update local admin account password with long 18chars random generated string&nbsp;</LI> </OL> <P>I found the file I need to update it is under :&nbsp;/opt/splunk/etc/system/local/authentication.conf, I can create an APP folder on deployer such as /opt/splunk/etc/shcluster/apps/EXAMPLE_PASSWORD_COMPLEXITY_APP<BR />How do I rout that the file inside updates the file in&nbsp;/opt/splunk/etc/system/local/authentication.conf<BR /><BR />And on point 2. if anyone has the API Call to update SH password for local account&nbsp; I woul appreciate it .</P> Mon, 26 Jun 2023 15:10:53 GMT https://community.splunk.com/t5/Splunk-Enterprise/Update-authentication-conf-by-Pushing-an-app-From-Deployer-to/m-p/648168#M16646 a1bg503461 2023-06-26T15:10:53Z https://community.splunk.com/t5/Splunk-Enterprise/Update-authentication-conf-by-Pushing-an-app-From-Deployer-to/m-p/648190#M16647 <P>Hi</P><P>you cannot push anything from deployer to SHC's members .../etc/system/local.</P><P>The correct way it use separate app for SHC generic configurations and put those there. Then you must remove everything what has added via GUI from .../etc/system/local/authentication.conf. You could try to clean your local changes by GUI and check if those are removed from fs. If not then the last option is stop your SHC and then remove those by hand from files one by one.</P><P>When you have SHC or actually any other SH the best practices is use e.g. AD or any SAML authentication to manage your users in any corporate environments. Then you should have this kind of policies implemented already on your master IDM system.</P><P>You could change password e.g. like this&nbsp;<A href="https://community.splunk.com/t5/Getting-Data-In/how-to-change-user-password-using-rest-url-without-using-curl/m-p/232785" target="_blank">https://community.splunk.com/t5/Getting-Data-In/how-to-change-user-password-using-rest-url-without-using-curl/m-p/232785</A>&nbsp;Just replace localhost with your SHC REST api address.</P><P>r. Ismo</P> Mon, 26 Jun 2023 11:10:32 GMT https://community.splunk.com/t5/Splunk-Enterprise/Update-authentication-conf-by-Pushing-an-app-From-Deployer-to/m-p/648190#M16647 isoutamo 2023-06-26T11:10:32Z https://community.splunk.com/t5/Splunk-Enterprise/Update-authentication-conf-by-Pushing-an-app-From-Deployer-to/m-p/649638#M16757 <P>Sorry but we decided to take another approach using REST Api calls</P> Fri, 07 Jul 2023 14:51:53 GMT https://community.splunk.com/t5/Splunk-Enterprise/Update-authentication-conf-by-Pushing-an-app-From-Deployer-to/m-p/649638#M16757 a1bg503461 2023-07-07T14:51:53Z