Hi,
I noticed you have multiple questions about rsaadmin account. Most of the changes you are asking about are not officially supported, and may be problematic with disaster recovery promotion, setup, or patch installing or upgrading.
We simply do not test and have workarounds written for all these asks.
Here is how you can work out your questions reliably if you do not receive any direct and specific answers on this forum:
-Spin up a new virtual primary as a development/test server and also set up a replica. Use 8.4.0.0.0 to start.
This new realm can be by itself and doesn't need to integrate with anything you have in production, it is just two test servers.
-Do any rsaadmin account changes or hardening you want to try, and also have a solid undo plan to backout any changes.
-Then check if:
a) server can reliably be rebooted and all RSA services start and system operates
(can authenticate, can make backups, replication remains normal)
b) install 8.4.0.1.0 on primary, and then replica with no rsaadmin account issues.
c) do a planned promotion of replica
d) test if backups can still be made
e) test if backup can be restored
If you can reboot and start back up successfully, and replication is normal, and make backups, install patches, and perform planned promotion for maintenance or disaster recovery, then it can be assumed your rsaadmin account changes are doing no harm.
