Skip navigation

Log in to create and rate content, and to follow, bookmark, and share content with other members.

000026963 - How to back up and restore user accounts in RSA NetWitness Platform

Document created by RSA Customer Support

on Jun 14, 2016•Last modified by RSA Customer Support on Sep 24, 2019

Version 5Show Document

Like • Show 0 Likes0
Comment • 0
View in full screen mode

Article Content

Article Number	000026963
Applies To	RSA Product Set: NetWitness Logs & Network RSA Product/Service Type: NW Server RSA Version/Condition: 10.6.x Platform: CentOS 6
Issue	How to back up and restore user accounts in RSA NetWitness 10.6.x How do I back up my users in RSA NetWitness to import them into a new instance or appliance? How do I restore my RSA NetWitness users from a backup? How do I restore my users in RSA NetWitness after buildsticking the server appliance?
Resolution	It is possible to back up the internal and external users in the NetWitness (NW) UI in order to restore them in a new instance and/or a new appliance. To perform this procedure, follow the steps below. Connect to the NW server appliance via SSH. Navigate to the home directory by issuing the following command: cd ~/ Retrieve the H2 Java tools and place them on the NW server appliance by issuing the following command: wget http://repo1.maven.org/maven2/com/h2database/h2/1.2.147/h2-1.2.147.jar Copy down all Active Directory configurations from the External Mappings and Settings tabs under Administration -> System -> Security in the NW UI, as these will not be backed up and will need to be re-added manually. Navigate to the H2 platform database directory by issuing the following command: cd /var/lib/netwitness/uax/db Stop the Jetty service by issuing the following command: stop jettysrv Backup the H2 platform database by issuing the following command: java -cp ~/h2-1.2.147.jar org.h2.tools.Backup -file ~/h2_platform_db_backup.zip Pull the newly created zip file from the NW server appliance and store it in a secure location. After rebuilding the current NW server appliance or installing the new appliance, follow the steps below to restore the users that were previously backed up into the NW UI. Copy the H2-1.2.147.jar file retrieved in Step 3 into the root's home directory on the new NW server instance or new appliance. On the new instance or appliance, stop the Jetty service by issuing the following command: stop jettysrv Navigate to the H2 platform database directory by issuing the following command: cd /var/lib/netwitness/uax/db Back up the current H2 platform database with the following command: java -cp ~/h2-1.2.147.jar org.h2.tools.Backup -file ~/h2_platform_db_backup_orig.zip Copy the original H2 platform database backup to the new NW server appliance in the root's home directory. Restore the H2 platform database by issuing the following command: java -cp ~/h2-1.2.147.jar org.h2.tools.Restore -file ~/h2_platform_db_backup.zip Start the Jetty service while tailing the logs by issuing the following command: start jettysrv && tail -f /var/lib/netwitness/uax/logs/sa.log Once you see entries relating to Live or CMS you will know that the service has been fully initialized. Log into the NW UI and confirm that the user accounts have been restored. Navigate to the External Mappings and Settings tabs under Administration -> System -> Security and enter the Active Directory configurations as necessary.
Legacy Article ID	a65779

Attachments

Outcomes

0 Comments

Recommended Content