on Mar 9, 2017Article Content
| Article Number | 000034812 |
| Applies To | RSA Product Set: Security Analytics, NetWitness Logs & Packets RSA Product/Service Type: Core Appliance RSA Version/Condition: 10.5.x, 10.6.x |
| Issue | Newly created custom roles for a service do not also replicate to the nwappliance service when 'Duplicate Role' button is used. This option is found in Administration > Services > Select a service which is also on the device/host > View\Security > Roles tab and select the 'Duplicate Role' button.  From the service go to View\Explore: Comparing the contents of /users/groups to /deviceappliance/users/groups:   Note: The new custom duplicated role (e.g. DuplicateAdminRole) has not been replicated to nwappliance and all that is seen are the default Administrators and Operators roles. |
| Cause | This is a known issue. Please use the workaround below to resolve the problem. |
| Workaround | You can create the custom duplicated role in explore mode by expanding out /deviceappliance/users, right clicking on groups and selecting properties: In other words, selecting Properties on /deviceappliance/users/groups. Then, select add in the drop down method list and in the Parameters field input the name parameter (Group Name) and roles parameters and click Send. Example Parameters (for nwappliance service on a Packet Decoder):
The Response Output would be (if roles copied from the decoder service):
Note: If you can see the custom group /users/groups, you can copy the roles for use in double quotes of the roles parameter in the above command. |