000029806 - Disable/Rename the default RSA NetWitness Platform admin user account

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support on Sep 2, 2019
Version 3Show Document
  • View in full screen mode

Article Content

Article Number000029806
Applies ToRSA Product Set: NetWitness Logs & Network
RSA Product/Service Type: NetWitness Core
RSA Version/Condition: 10.6.x, 11.x
IssueIt is a common security policy practice to have a restriction on the use of default user/service accounts which requires them to be disabled or renamed.
In NetWitness, the default admin user account would fall into this policy.
ResolutionThe default admin user account in NetWitness is static and required.
The admin user account cannot be changed, and can't be disabled.

Attempting to disable the admin user account through the NetWitness UI returns the below error.

User-added image

The password of the default admin user account can be changed to any complex password required by Customer's security policy.