Newly created custom roles for a service do not also replicate to the nwappliance service when 'Duplicate Role' button is used in RSA Security Analytics
Issue
Newly created custom roles for a service are not replicated to the nwappliance service when the 'Duplicate Role' button is used. This option is found under Administration > Services: select a service which is also on the device/host, go to View\Security > Roles tab and select the 'Duplicate Role' button.
From the service go to View\Explore:
Comparing the contents of /users/groups to /deviceappliance/users/groups:
Note: The new custom duplicated role (e.g. DuplicateAdminRole) has not been replicated to nwappliance and all that is seen are the default Administrators and Operators roles.
Cause
This is a known issue. Please use the workaround below to resolve the problem.
Workaround
You can create the custom duplicated role in Explore mode by expanding /deviceappliance/users, right-clicking groups and selecting Properties. In other words, select Properties on /deviceappliance/users/groups.
Then select add in the method drop-down list, enter the name parameter (Group Name) and the roles parameter in the Parameters field, and click Send.
Example Parameters (for nwappliance service on a Packet Decoder):
name="DuplicateAdminRole" roles="connections.manage,database.manage,decoder.manage,dpo.manage,index.manage,logs.manage,parsers.manage,rules.manage,sdk.content,sdk.manage,sdk.meta,sdk.packets,services.manage,storedproc.execute,storedproc.manage,sys.manage,aggregate,users.manage"
The Response Output would be (if the roles were copied from the decoder service):
The group DuplicateAdminRole was added successfully, but the following invalid roles were removed: aggregate, database.manage, decoder.manage, dpo.manage, index.manage, parsers.manage, rules.manage, sdk.content, sdk.manage, sdk.meta, sdk.packets
Note: If you can see the custom group in /users/groups, you can copy its roles and paste them between the double quotes of the roles parameter in the above command.
Product Details
RSA Product Set: Security Analytics, NetWitness Logs & Packets
RSA Product/Service Type: Core Appliance
RSA Version/Condition: 10.5.x, 10.6.x
Summary
How to use another custom role besides the default Administrators or Operators roles when a custom duplicated role is not replicated for nwappliance.