I am facing a problem similar to the following Answers!
https://answers.splunk.com/answers/549958/admin-like-account-that-cant-assign-the-can-delete.html
On my case, I can't assign can_delete
to default user admin
and the below message is displayed.
Role=can_delete is not grantable
Is this specification?
Please someone tell me.
Apparently, changing the setting of the admin
role (*change of the default index to be searched etc...) will automatically add the setting value grantableRoles = admin
to authorize.conf
under system/local
.
Also due to the setting value, can_delete
could not be assign to theadmin
user.
Therefore I would like to avoid it with workaround etc. proposed by @renjith.nair
Apparently, changing the setting of the admin
role (*change of the default index to be searched etc...) will automatically add the setting value grantableRoles = admin
to authorize.conf
under system/local
.
Also due to the setting value, can_delete
could not be assign to theadmin
user.
Therefore I would like to avoid it with workaround etc. proposed by @renjith.nair
Hi @yutaka1005,
That's because you are trying to assign "role" to the user
admin. Instead of that , try adding can_delete "role" to admin role
and then try adding the role -> user
So in short
role can_delete
-> admin role
role can_delete
-> admin user
Thank you for answer.
I will also refer to the workaround you taught.