Required Users Accounts in Dependencies
  • 01 Oct 2024
  • Dark
    Light
  • PDF

Required Users Accounts in Dependencies

  • Dark
    Light
  • PDF

Article summary

The validated designs are very opinionated installations of Itential and its dependencies.

The following user accounts are required by the dependencies for a validated design and are used for the following purposes.

MongoDB

Account Description
admin Has full root access to the mongo database. Can read and write to any logical database. Can be used to issue admin commands like forcing an election and configuring replica sets. This is NOT used by the Itential application but is created for admin purposes.
itential Has read and write access to the “itential” database only. This is the account used by the IAP application.
localaaa Has read and write access to the “LocalAAA” database. This is used by the Local AAA adapter for local, non-LDAP logins.

Redis

Account Description
admin Has full root access to the Redis database, all channels, all keys, all commands. This is NOT used by the Itential application but is created for admin purposes.
itential Has full access to the Redis database, all channels, all keys, EXCEPT the following commands: asking, cluster, readonly, readwrite, bgrewriteaof, bgsave, failover, flushall, flushdb, psync, replconf, replicaof, save, shutdown, sync. This is the account used by the IAP application.
repluser Has access to the minimum set of commands to perform replication: psync, replconf, ping.
admin Full root access to Redis Sentinel. This is NOT used by the Itential application but is created for admin purposes of Redis Sentinel.
sentineluser Has access to the minimum set of commands to perform sentinel monitoring: multi, slaveof, ping, exec, subscribe, config|rewrite, role, publish, info, client|setname, client|kill, script|kill.

Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.