The Management Center Configuration Tool (hz-mc conf) is a command line tool that allows you to automate processes that require configuring Management Center, without using the UI.
This tool makes changes to the configuration settings in the hazelcast-mc directory of the user’s home directory. As a result, the tool must be used on the same device as the Management Center web application is deployed and Management Center must not be running while using the tool.
Getting Started
To use the hz-mc conf tool, execute the hz-mc conf command in the bin/ directory of the Management Center distribution. This command is available as a shell script (hz-mc conf) for Linux and Mac or a batch file (mc-conf.bat) for Windows.
- 
Make sure that Management Center is not running. You cannot use this tool while Management Center is running. 
- 
To see all available commands, execute the hz-mc confcommand with no additional arguments.If you’ve set a non-default home directory with the hazelcast.mc.homeproperty, you must provide the path to the home directory with the-Hor--homeoptions.
- 
To see documentation for a specific command, enter the command, followed by the -hflag.
- 
To see documentation for a specific task, enter the command, followed by the task and the -hflag.
Commands
The hz-mc conf tool comes with the following commands. Each command includes tasks that you can execute.
| Command | Description | 
|---|---|
| 
 | Manage cluster connections. See Connecting to a Cluster with the hz-mc conf Tool. | 
| 
 | Manage users in the default security provider. See Local Security Provider | 
| 
 | Manage the LDAP security provider. See LDAP | 
| 
 | Manage the Active Directory security provider. See Active Directory | 
| 
 | Manage the JAAS security provider. See JAAS | 
| 
 | Manage the OpenID Connect security provider. See OpenID Connect | 
| 
 | Manage the SAML security provider. See SAML | 
| 
 | Manage security providers. See Switching to a New Security Provider | 
| 
 | Change settings in Management Center. | 
| 
 | Read settings from Management Center. | 
| 
 | Manage the dev mode security provider. See Dev Mode | 
Skipping the Check for a Lock File
When you execute hz-mc conf or mc-conf.bat, the script checks if Management Center is running by looking for a lock file called mc.lock in the Management Center home directory. If the mc.lock file is found, the script exits with an error. You can disable this check by starting Management Center with the hazelcast.mc.lock.skip property.
export JAVA_OPTS='-Dhazelcast.mc.lock.skip=true'
hz-mc conf ...This property can be useful when you run Management Center on Kubernetes, and the home directory is on a mounted persistent volume. In this case when Kubernetes restarts the container for any reason, the mc.lock file won’t be deleted, therefore the next startup will be prevented due to the lock file.
Hiding Sensitive Configuration in the UI
The set sensitive-properties task configures the sensitive properties that must not be shown in plain text in Management Center.
--hidden-properties is a comma-separated list of member properties to be hidden in the member properties.
--masked-config-properties is a comma-separated list of XPath expressions in the member configuration to be masked.
Secure Interactive Prompt for Passwords
By default, passwords are displayed in the console as you type. If you want to hide your password from the console, you can use a secure interactive prompt.
To use a secure interactive prompt, enter the password option without providing a value. For example, instead of
--password=<password>, use --password.
When you use the --password option without providing a value, you will get a prompt to enter a value on the console.
hz-mc conf user update-password --username=admin --password
Enter value for --password (Password for the user record. Provide value directly,
or use without value to enter securely with interactive prompt.): ********
Successfully changed password for user 'admin'.As you see in the above example, the password input is not echoed to the console since it is provided with the secure interactive mode.
Argument Files
When an
argument beginning with the character @ is encountered, it is treated as a path
leading to a text file. The contents of that file are automatically expanded into
the current task. An example of the argument file usage is shown below.
hz-mc conf user update-password @arg-file.txt
Successfully changed password for user 'admin'.
cat arg-file.txt
--username=admin --password=mnb3c4s0