Showing results for 
Show  only  | Search instead for 
Did you mean: 
Level 7
Report Inappropriate Content
Message 1 of 2

List permissions

We have a new MWG cluster and we need to migrate 4000+ lists with the correct permissions.  Is there a way I can export /import the permissions or script the process so I don't have to manually edit each list?

1 Reply
Report Inappropriate Content
Message 2 of 2

Re: List permissions



at first, there might be a way to copy/paste some config/account files (which I do not 100% know) but there is also the way to do this with a backup file which I will explain here. I hope that this still helps you, otherwise let us know further details.

Please notice, I just did a quick test with one additional user/role/permission assignment and it worked but I still recommend to test this out of business hours or simply between 2 test machines where no user traffic is!

When you create a backup, it contains policy, configuration and accounts part. If you want to restore the backup file to a new single machine including the configuration and accounts part, you will need the UUID of the "old" appliance. After restore, new machine has then same policy and configuration including same IP config as the old one (there might be an IP address conflict to this time), so you will need to manually change the IP via CLI, then login to UI and do the change there again and save it via UI to make it permanent. Then you have a new machine with same policy, configuration (exceptional the IP config) and accounts as the other one.


So steps would be:
1. take backup of old machine (including policy, configuration and accounts)

2. get UUID of old machine via CLI:
# mwg-info uuid

3. transfer backup file via filezilla or other to new single machine (rest of the cluster members will sync this later via central management)

4. login via CLI to new machine

5. use following command to restore this backup using old UUID (path to backup and UUID needs to be adjusted).
Important: after restore, there might be an IP address conflict with old one until you change the IP address manually.
# /opt/mwg/bin/mwg-coordinator -u mwgc:mwg -R "file:in=/var/backup.old;options:forcedetachgui=yes,uuid=XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX

explained in this article:

6. after successful restore, manually change IP of new machine and set default route that it can be reached

7. login to UI of new machine using new assigned IP

8. make any change to IP config like deleting and re-adding some characters and press "Save Changes" button to make it permanent (CLI changes are only available until next reboot).

9. now, add other new machines (for new cluster) to this one new machine and they will sync the policy (including lists) + accounts. If you further want to make sure that first single machine becomes "sync master" you can modify the node priority under "Configuration" > "Central Management" > "Advanced Management Settings" > "Node priority".


As mentioned above, I did a quick test. I created new user, test role and assigned this role as read only permission to a category list. Then have taken a backup, restored this to new machine etc. At the end, new machine shows same policy/configuration/accounts and I can also see this one permission assignment of my test role in category list etc.


I hope you find this information helpful and that I did not make any mistake! 😊
Please let us know if you have further questions.

Marcel Kutrieba
Technical Support Engineer

If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use our Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from product experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by employees.
Join the Community
Join the Community