If you restore config files from $SPLUNK_HOME/etc over the top of a fresh installation you need to be mindful of a few things.
$SPLUNK_HOME/etc/auth/splunk.secret needs to be restored to the correct location before you start Splunk for the first time.
$SPLUNK_HOME/etc/passwd needs to be restored to enable any local users (admin)
If you didn't replace both of these files with the original version before you started Splunk you are in a pickle.
The issue you now have is that all of the encrypted passwords in all the config files will be unreadable.
Best approach (assuming you have backups of the two files above) is to wipe/reinstall making sure those files are there first.
If you do not have those files (or otherwise cant take this approach).
Delete $SPLUNK_HOME/etc/passwd (any local splunk users on that box will loose their passwords)
Start Splunk - this should prompt you to set a password for admin (or use the user-seed.conf approach https://docs.splunk.com/Documentation/Splunk/8.0.1/Admin/User-seedconf)
Confirm you can login as admin.
Have any local users reset their passwords - admin will have to supervise.
Replace any encrypted passwords in .conf files with Plaintext passwords and restart Splunk to have it re-encrypt them with the new secret.
Confirm any passwords or keys for external auth (SAML/LDAP/MFA) are replaced.