What would be the proper way to push an authentication.conf from the deployer and have the bind password not left in clear text? Is it possible to push the authentication from the deployer without the bind password and then add another authentication.conf manually to each search head in system local with only the bind password in the stanza? After restart of the search head cluster I’m thinking the bind password would then be encrypted? Would this be the proper way to do this? Would appreciate any other suggestions.
Hi there,
we worked around this problem by having the same 'splunk.secret' file on all instances, this enables you to have encrypted passwords or secrets in your deployment apps.
Hope this helps ...
cheers, MuS
Hi @nyajoefit22
Yes! you can push the authentication config from Deployer without bind password and just add the bind password under system/local and restart each search head/rolling restart of SHC. This would avoid plain text password in TA.
Ok so push the authentication.conf from the deployer and on each search head and create a authentication.conf in system/local without the bind password in the stanza in clear text. something like this
[ldap_1]
bindDNpassword = abc123
then do a rolling restart on all of sh cluster and then the password should be encrypted