System Maintenance: Manage the deploy_admin Account

Document created by RSA Information Design and Development Employee on Apr 6, 2020. Last modified by RSA Information Design and Development Employee on Apr 24, 2020. Version 29.

The deploy_admin account is a system account that multiple NetWitness Platform components use for system-specific access. It is a password-based account whose password may need periodic updating if deployment environment policies require it. The deploy_admin account is used on every NetWitness Platform host, and must be kept in sync between all hosts.

Prior to 11.4.1, changing the deploy_admin password required administrators to log in to every NetWitness Platform host and run the /opt/rsa/saTools/bin/set-deploy-admin-password script on each system. Starting with 11.4.1, the deploy_admin password is centrally managed with the nw-manage script on the NW Server. Running the nw-manage script updates the password on all NetWitness Platform component hosts that use the deploy_admin account, and the script output displays the password update results for each host. If a NetWitness Platform component host is down or unreachable for any reason, the nw-manage script provides an additional option to synchronize the deploy_admin password on the previously unresponsive host with the NW Server when that host becomes available again.

The following procedures describe how to change the deploy_admin password for all hosts in your environment, for hosts in a mixed version environment, and for hosts that are unavailable during the first attempt to change the deploy_admin password.

Change the deploy_admin Account Password

  1. Log in to the NW Server host using SSH or the NwConsole.
  2. Run the following command:
    nw-manage --update-deploy-admin-pw
    A prompt for the new password is displayed.
  3. Enter the new password.

Change the deploy_admin Account Password in a Mixed Version Environment

If you are operating in a mixed version environment (for example, the NW Server is on a newer version, greater than or equal to 11.4.1, and the NW component hosts are still on an older version of NetWitness, less than 11.4.1), the nw-manage script prompts you to run the /opt/rsa/saTools/bin/set-deploy-admin-password script on those older component hosts first. After the hosts on the older versions are updated, rerun the nw-manage script on the NW Server with the --skip-version-checks argument.

  1. On each component host that is on an older version, reset the deploy_admin password by running the following command:
    /opt/rsa/saTools/bin/set-deploy-admin-password
    This resets the deploy_admin password on all the component hosts with the older versions.
  2. Log in to the NW Server host using SSH or the NwConsole and run the following command:
    nw-manage --update-deploy-admin-pw --skip-version-checks
    A prompt for the new password is displayed.
  3. Enter the new password.

Change the deploy_admin Account Password for a Component Host that is Unavailable

If a component host is down or otherwise unreachable the first time you run the nw-manage script, it is identified as skipped in the nw-manage --update-deploy-admin-pw output. When the host is back online, its deploy_admin password must be synchronized with the NW Server.

To synchronize the previously unreachable host with the NW Server:

  1. Log in to the NW Server host using SSH or the NwConsole.
  2. Run the following command:
    nw-manage --sync-deploy-admin-pw --host-key <ID, IP, hostname or display name of host>
