Hello,
I'm creating a new cluster using 8.4 and configuring the security features manually.
I've created the certificates for the transport and http protocol and everything works as expected, the cluster starts up and the nodes communicate with each other without any issue.
The next part would be to reset the password for the built-in users.
From the documentation, to do that you just need to run the following command in any node.
./bin/elasticsearch-reset-password auto
But running this command produces the following output:
[root@redacted ~]# /usr/share/elasticsearch/bin/elasticsearch-reset-password auto
Resets the password of users in the native realm and built-in users.
Option (* = required) Description
--------------------- -----------
-E <KeyValuePair> Configure a setting
-a, --auto
-b, --batch
-f, --force Use this option to force execution of the command
against a cluster that is currently unhealthy.
-h, --help Show help
-i, --interactive
-s, --silent Show minimal output
* -u, --username The username of the user whose password will be reset
--url the URL where the elasticsearch node listens for
connections.
-v, --verbose Show verbose output
ERROR: Missing required option(s) [u/username]
The error message says that the parameter -u, for the username you want to reset the password, must be provided, but this is not mentioned in the documentation.
Running using the parameter --auto provides the same error.
If I pass the username, then it works as expected and I'm able to reset the password for the built-in users needed, elastic e kibana_system.
Shouldn't this be mentioned in the documentation? Running elasticsearch-reset-password auto does not work as the documentation says it should work.