Changing Master Manager

[wazuh]

I am trying to migrate to a new master manager (from on-prem to cloud) i am currently testing and after i changed in ossec.conf of the new master mode (used to be worker node) i start getting issues of connecting with wazuh-wui user.

Here is how i edited ossec.conf

 <cluster>
    <name>wazuh</name>
    <node_name>new master node</node_name>
    <node_type>master</node_type>
    <key>key</key>
    <port>1516</port>
    <bind_addr>0.0.0.0</bind_addr>
    <nodes>
        <node>new master ip </node>
    </nodes>
    <hidden>no</hidden>
    <disabled>no</disabled>
  </cluster>

after running /var/ossec/bin/cluster_control -l it shows the new manager as master.

I've edited /usr/share/wazuh-dashboard/data/wazuh/wazuh.yml to include the new master IP address. however when i try to open server management through dashboard i get the following error:

INFO: No current API selected INFO: Getting API hosts... INFO: API hosts found: 1 INFO: Checking API host id [default]... INFO: Could not connect to API id [default]: 3099 - ERROR3099 - Invalid credentials INFO: Removed [navigate] cookie ERROR: No API available to connect

I've tried adding the wazuh user and wazuh-wui user to wazuh-keystore of the newly created master, using the following commands but i still get the same error:
echo 'wazuh' | /var/ossec/bin/wazuh-keystore -f api -k username
echo 'password of api' | /var/ossec/bin/wazuh-keystore -f api -k password

echo 'wazuh-wui' | /var/ossec/bin/wazuh-keystore -f wui -k username

 echo 'password of wui' | /var/ossec/bin/wazuh-keystore -f wui -k password

Am i doing something wrong in this migration of master manager?

[Emiliano Zorn]

This error seems to be mainly due to an invalid credential in the Wazuh dashboard /usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml configuration file, where the wazuh-wui user configuration is set.

Since you're having a multi-cluster environment, kindly confirm that you ran the password management tool on the Wazuh server master node as stated in the below documentation:

https://documentation.wazuh.com/current/user-manual/user-administration/password-management.html#changing-the-passwords-in-a-distributed-environment

Also, confirm that you updated the /usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml configuration file with the new wazuh-wui password generated previously.

Restart the Wazuh dashboard service and reload the browser page again:

systemctl restart wazuh-dashboard

[wazuh]

No i have not done this step of using the password tool, i've tried to manually add the existing wazuh and wazuh-wui users to the wazuh-keystore for the master manager so i could keep the existing account details. wazuh.yml is updated to point to the new master manager using the same wazuh-wui user. Do i have to reset the password using the password management tool when changing master manager? is there a way to keep the same password as before?

[wazuh]

using  Password management - User administration · Wazuh documentation documentation i was able make it work in my test environment, however the password was changed as the tool regenerates new passwords, however i still wonder if it is possible to add the existing user to the master manager without impacting the credentials.