Manage the deploy_admin Account

The depploy_admin account is used on every NetWitness host, and must be kept in sync between all hosts. Prior to 11.4.1, the process to change the deploy_admin account required administrators to log into every NetWitness host and run the /opt/rsa/saTools/bin/set-deploy-admin-password script on each system. Starting with 11.4.1, the deploy_admin password is centrally managed with the nw-manage script on the NW Server. nw-manage script execution updates the password on all NetWitness component hosts that use the deploy_admin account. The nw-manage script output displays the password update results for each host. If a NetWitness component host is down or unreachable for any reason, the nw-manage script provides an additional option to synchronize the deploy_admin password on the previously unresponsive host with the NW Server when that host becomes available again.

The following procedures describe how to change the deploy_admin password for all hosts in your environment, for hosts in a mixed version environment, and for hosts that are unavailable during the first attempt to change the deploy_admin password.

Change the deploy_admin Account Password

  1. Log in to the NW Server host using SSH or the NwConsole.
  2. Run the following command:
    nw-manage --update-deploy-admin-pw
    A prompt for the new password is displayed.
  3. Enter the new password.

Change the deploy_admin Account Password in a Mixed Version Environment

If you are operating in a mixed version environment (for example, NW Server is on a newer version (greater than or equal to 11.4.1) and the NW component hosts are still on an older version of NetWitness (less than 11.4.1), the nw-manage script prompts you to run the /opt/rsa/saTools/bin/set-deploy-admin-password script on those older component hosts first. After the hosts on the older versions are updated, you rerun the nw-manage script on the NW Server with the --skip-version-checks argument.

  1. On each component host that is on an older version, reset the deploy_admin password by running the following command:
    /opt/rsa/saTools/bin/set-deploy-admin-password
    This resets the deploy_admin password on all the component hosts with the older versions.
  2. Log in to the NW Server host using SSH or the NwConsole and run the following command:
    nw-manage --update-deploy-admin-pw --skip-version-checks
    A prompt for the new password is displayed.
  3. Enter the new password.

Change the deploy_admin Account Password for a Component Host that is Unavailable

If a component host is down or otherwise unreachable the first time you run the nw-manage script, it is identified as skipped in the nw-manage --update-deploy-admin-pw output. When the host is back online, its deploy_admin password must be synchronized with the NW Server.

To synchronize the previously unreachable host with the NW Server:

  1. Log in to the NW Server host using SSH or the NwConsole.
  2. Run the following command:
    nw-manage --sync-deploy-admin-pw -–host-key <ID, IP, hostname or display name of host>