Hi,
I am installing shield and get error when I want to add a user like below. I searched and found some answers, however none of them helped me solved this. Anybody help ?
root@iZ28opsxl5dZ:[/data/elk/elasticsearch-2.3.4]bin/shield/esusers useradd es_admin -r admin
Error: Could not find or load main class org.elasticsearch.shield.authc.esusers.tool.ESUsersTool
My OP is centos6.6, installed kibana4.5, elassticsearch2.3,logstash2.3,shield2.3.
Hi @Jenny,
I tried to do the same. The following worked fine for me:
/data/elk/elasticsearch-2.3.4)cd /data/elk/elasticsearch-2.3.4bin/plugin install licensebin/plugin install shieldbin/shield/esusers useradd es_admin -r adminIn the 5th step it asked me to type in a password and confirm it and exited normally.
Are you able to restart from scratch and retry the steps I have mentioned above?
Daniel
oh, it means reinstall es?
Hi @1222kkk,
this does not mean that this is necessary in all cases but based on the description I have no clue what steps have been executed before and in which state the system is. In that case it is best to start with a clean slate.
Daniel
I faced the similar issue when I creating an esuser in Es 2.3.4
Do we need to set classpath var?
[esadmin@mue2rhegrdd001 elasticsearch-2.3.4]$ bin/shield/esusers useradd esadmin -r admin
Exception in thread "main" java.lang.NoClassDefFoundError: org/apache/commons/cli/CommandLineParser
at java.lang.Class.getDeclaredMethods0(Native Method)
at java.lang.Class.privateGetDeclaredMethods(Class.java:2625)
at java.lang.Class.getMethod0(Class.java:2866)
at java.lang.Class.getMethod(Class.java:1676)
at sun.launcher.LauncherHelper.getMainMethod(LauncherHelper.java:494)
at sun.launcher.LauncherHelper.checkAndLoadMain(LauncherHelper.java:486)
Caused by: java.lang.ClassNotFoundException: org.apache.commons.cli.CommandLineParser
at java.net.URLClassLoader$1.run(URLClassLoader.java:366)
at java.net.URLClassLoader$1.run(URLClassLoader.java:355)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:354)
at java.lang.ClassLoader.loadClass(ClassLoader.java:425)
at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:308)
at java.lang.ClassLoader.loadClass(ClassLoader.java:358)
... 6 more
Could you please help us to resolve?
Thanks,
Ganeshbabu R
Hi @r.ganeshbabu,
Do we need to set classpath var?
No.
NoClassDefFoundError indicates that the class is not found during runtime (the most likely cause in this case is that the JAR is not "visible" to the esusers script). It looks to me that your installation is completely broken. How did you install Elasticsearch? Did you try all 5 steps that I have described above?
Daniel
I followed step 1 & 2 and then I created yml files to the nodes and after I started Elasticsearch. Next I followed installation of shield,
At initially when I execute the bin/shield/esusers useradd esadmin -r admin, I am getting below error,
"You must set the ES_CLASSPATH var"
So i checked in the shell file inside bin folder **(elasticsearch.sh)**and it mentioned ES_CLASSPATH. So I manually did the setting as like below,
export ES_CLASSPATH=/home/esadmin/elasticsearch-2.3.4/lib/elasticsearch-2.3.4.jar
Next I tried to create es_admin user and getting the "NoClassDeffoundError"
Please correct me know if am doing something wrong in the ES setup.
Thanks,
Ganeshbabu R
Hi @r.ganeshbabu,
I checked the code in bin/shield/esusers. As far as I can see it determines the home directory of Elasticsearch (in your case /home/esadmin/elasticsearch-2.3.4) and will execute the script bin/elasticsearch.in.sh prior to checking $ES_CLASSPATH (which is populated by elasticsearch.in.sh) so there is something weird going on.
Is this script maybe missing or lacking the correct permissions? (you don't have to do anything special, just unzip Elasticsearch provided you have installed from a zip file).
If I do a ls -l in the bin directory, it shows:
dm@io:elasticsearch-2.3.4/bin $ ls -la
total 648
drwxr-xr-x@ 13 dm staff 442 Jul 27 18:32 .
drwxr-xr-x@ 12 dm staff 408 Jul 27 11:29 ..
-rwxr-xr-x@ 1 dm staff 5551 Jun 30 11:22 elasticsearch
-rw-rw-r--@ 1 dm staff 104448 Jan 27 2016 elasticsearch-service-mgr.exe
-rw-rw-r--@ 1 dm staff 103936 Jan 27 2016 elasticsearch-service-x64.exe
-rw-rw-r--@ 1 dm staff 80896 Jan 27 2016 elasticsearch-service-x86.exe
-rw-rw-r--@ 1 dm staff 909 Jun 30 11:22 elasticsearch.bat
-rw-rw-r--@ 1 dm staff 3307 Jun 30 11:22 elasticsearch.in.bat
-rwxr-xr-x@ 1 dm staff 2814 Jun 30 11:22 elasticsearch.in.sh
-rwxr-xr-x@ 1 dm staff 2992 Jun 30 11:22 plugin
-rw-rw-r--@ 1 dm staff 1303 Jun 30 11:22 plugin.bat
-rw-rw-r--@ 1 dm staff 6501 Jun 30 11:22 service.bat
drwxr-xr-x 7 dm staff 238 Jul 27 18:32 shield
Btw, there is no need to start Elasticsearch prior to adding users.
Daniel
One thing I have forgotten. There is no need to define ES_CLASSPATH yourself. The scripts will do this. So please ensure you do unset ES_CLASSPATH before proceeding.
Daniel
Thanks for the clarification so what I did is, I started from scratch and installed ES & shield and able to create esadmin user 
But we didn't have license for shield latest version I am getting below exception in ES logs,
License will expire on [Saturday, July 30, 2016]. If you have a new license, please update it.
Otherwise, please reach out to your support contact
Commercial plugins operate with reduced functionality on license expiration:
- shield
- Cluster health, cluster stats and indices stats operations are blocked
- All data operations (read and write) continue to work
Also I tried verifying the shield esadmin user by executing the following curl command,
curl --user esadmin:Gemmot08 -XGET '10.247.0.5:9200?pretty=true'
I am getting below error,
{
"error" : {
"root_cause" : [ {
"type" : "security_exception",
"reason" : "unable to authenticate user [esadmin] for REST request [/?pretty=true]",
"header" : {
"WWW-Authenticate" : "Basic realm=\"shield\""
}
} ],
"type" : "security_exception",
"reason" : "unable to authenticate user [esadmin] for REST request [/?pretty=true]",
"header" : {
"WWW-Authenticate" : "Basic realm=\"shield\""
}
},
"status" : 401
}
Due to that, I couldn't login into the ES HQ & marvel plugins for monitoring purpose.
Is the shield not working because of license update?
Please let us know so that I can work the team to get the latest shield license.
Thanks,
Ganeshbabu R
Hi @r.ganeshbabu,
License will expire on [Saturday, July 30, 2016]. If you have a new license, please update it.
Otherwise, please reach out to your support contact
Shield is a commercial extension of Elasticsearch. This message just says that your license will expire on Saturday (I guess you are on a trial license). If you want a permanent license, you should contact Elastic.
Your curl command looks ok to me. Maybe you have mistyped the password? You should also check whether the logs contain more details.
Daniel
P.S.: I'd avoid posting passwords in public forums.
Okay sure I will contact support team for license.
I have tried many times and I kept very simple password too, though I am getting the same error,
Below is the details in the ES logs,
[INFO][node] [mue2rhegrdd001_RD_NDX_MASTER] version[2.3.4], pid[19771], build[e455fd0/2016-06-30T11:24:31Z]
[node] [mue2rhegrdd001_RD_NDX_MASTER] initializing ...
[INFO ][plugins] [mue2rhegrdd001_RD_NDX_MASTER] modules [lang-groovy, reindex, lang-expression], plugins [hq, siren-join, shield, license, head], sites [hq, head]
[INFO ][env] [mue2rhegrdd001_RD_NDX_MASTER] using [1] data paths, mounts [[/app/datadrive (/dev/sdc1)]], net usable_space [955.2gb], net total_space [1006.8gb], spins? [possibly], types [ext4]
[INFO ][env] [mue2rhegrdd001_RD_NDX_MASTER] heap size [7.9gb], compressed ordinary object pointers [true]
[WARN ][env] [mue2rhegrdd001_RD_NDX_MASTER] max file descriptors [4096] for elasticsearch process likely too low, consider increasing to at least [65536]
[INFO ][http] [mue2rhegrdd001_RD_NDX_MASTER] Using [org.elasticsearch.http.netty.NettyHttpServerTransport] as http transport, overridden by [shield]
[INFO ][transport] [mue2rhegrdd001_RD_NDX_MASTER] Using [org.elasticsearch.shield.transport.ShieldServerTransportService] as transport service, overridden by [shield]
[INFO ][transport] [mue2rhegrdd001_RD_NDX_MASTER] Using [org.elasticsearch.shield.transport.netty.ShieldNettyTransport] as transport, overridden by [shield]
[INFO ][node] [mue2rhegrdd001_RD_NDX_MASTER] initialized
[INFO ][node] [mue2rhegrdd001_RD_NDX_MASTER] starting ...
[INFO ][shield.transport] [mue2rhegrdd001_RD_NDX_MASTER] publish_address {10.247.0.5:9300}, bound_addresses {10.247.0.5:9300}
[INFO ][discovery] [mue2rhegrdd001_RD_NDX_MASTER] ES_RD_NDX_DEV/d6k_ElEITQKlTOhgeVdAoQ
[WARN ][bootstrap] unable to install syscall filter: seccomp unavailable: CONFIG_SECCOMP not compiled into kernel, CONFIG_SECCOMP and CONFIG_SECCOMP_FILTER are needed
[WARN ][bootstrap] Unable to lock JVM Memory: error=12,reason=Cannot allocate memory
[WARN ][bootstrap] This can result in part of the JVM being swapped out.
[WARN ][bootstrap] Increase RLIMIT_MEMLOCK, soft limit: 65536, hard limit: 65536
[WARN ][bootstrap] These can be adjusted by modifying /etc/security/limits.conf, for example:
# allow user 'esadmin' mlockall
esadmin soft memlock unlimited
esadmin hard memlock unlimited
[WARN ][bootstrap] If you are logged in interactively, you will have to re-login for the new limits to take effect.
[INFO ][node] [mue2rhegrdd001_RD_NDX_DATA] version[2.3.4], pid[19809], build[e455fd0/2016-06-30T11:24:31Z]
[INFO ][node] [mue2rhegrdd001_RD_NDX_DATA] initializing ...
[INFO ][plugins] [mue2rhegrdd001_RD_NDX_DATA] modules [lang-groovy, reindex, lang-expression], plugins [hq, siren-join, shield, license, head], sites [hq, head]
[INFO ][env] [mue2rhegrdd001_RD_NDX_DATA] using [1] data paths, mounts [[/app/datadrive (/dev/sdc1)]], net usable_space [955.2gb], net total_space [1006.8gb], spins? [possibly], types [ext4]
[INFO ][env] [mue2rhegrdd001_RD_NDX_DATA] heap size [15.9gb], compressed ordinary object pointers [true]
[WARN ][env] [mue2rhegrdd001_RD_NDX_DATA] max file descriptors [4096] for elasticsearch process likely too low, consider increasing to at least [65536]
[INFO ][http] [mue2rhegrdd001_RD_NDX_DATA] Using [org.elasticsearch.http.netty.NettyHttpServerTransport] as http transport, overridden by [shield]
[INFO ][transport] [mue2rhegrdd001_RD_NDX_DATA] Using [org.elasticsearch.shield.transport.ShieldServerTransportService] as transport service, overridden by [shield]
[INFO ][transport] [mue2rhegrdd001_RD_NDX_DATA] Using [org.elasticsearch.shield.transport.netty.ShieldNettyTransport] as transport, overridden by [shield]
[INFO ][node] [mue2rhegrdd001_RD_NDX_DATA] initialized
[INFO ][node] [mue2rhegrdd001_RD_NDX_DATA] starting ...
[INFO ][shield.transport] [mue2rhegrdd001_RD_NDX_DATA] publish_address {10.247.0.5:9260}, bound_addresses {10.247.0.5:9260}
[INFO ][discovery] [mue2rhegrdd001_RD_NDX_DATA] ES_RD_NDX_DEV/7zshcpocTciXd9Gxs3HFvA
[WARN ][discovery] [mue2rhegrdd001_RD_NDX_MASTER] waited for 30s and no initial state was set by the discovery
[INFO ][http] [mue2rhegrdd001_RD_NDX_MASTER] publish_address {10.247.0.5:9200}, bound_addresses {10.247.0.5:9200}
[INFO ][node] [mue2rhegrdd001_RD_NDX_MASTER] started
[WARN ][discovery] [mue2rhegrdd001_RD_NDX_DATA] waited for 30s and no initial state was set by the discovery
[INFO ][http] [mue2rhegrdd001_RD_NDX_DATA] publish_address {10.247.0.5:9240}, bound_addresses {10.247.0.5:9240}
[INFO ][node] [mue2rhegrdd001_RD_NDX_DATA] started
Hope I didn't miss something not related to shield in the logs..
Please let us know your response.
Thanks,
Ganeshbabu R
Hi,
Please double check that your username is really "esadmin". Because the username in the command that I have shown is "es_admin" (note the underscore!). So I guess your command should really be:
curl --user es_admin:Gemmot08 -XGET '10.247.0.5:9200?pretty=true'
Daniel
P.S.: Please change the password of your cluster if you haven't already done so.
I tried both ways but still I am getting the same error.
Oh, Is it possible?
Can you help me how to change the password of cluster?
Thanks,
Ganeshbabu R
Hi @r.ganeshbabu,
I tried both ways but still I am getting the same error.
Really, this must be a typo or something like that. Can you revisit the whole installation procedure step by step and check very carefully that you did not introduce a typo? I know this sounds maybe obvious but it looks like you get a very minor detail wrong. The user name and the password need to match exactly with what you entered when you've created the user.
Can you help me how to change the password of cluster?
See the Shield documentation on how to change passwords with esusers.
Daniel
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.