
Deleting the Local User After Installing Anypoint Platform PCE

During installation, Anypoint Platform Private Cloud Edition (Anypoint Platform PCE) creates a local Anypoint Platform user that enables you to configure platform components during installation. The credentials for this user are stored locally in Anypoint Platform. However, after configuring an external authentication provider such as LDAP, you should delete this user to improve security.

  1. Before deleting the local user, perform the following steps:

    • Install and configure your external identity provider.

    • Ensure that the SystemAdmin user is not the owner of any other organizations.

  2. Select the new user to whom you want to assign administrator privileges. This user must be defined in your external identity provider.

  3. Determine the internal user ID for this user.

    1. From Anypoint Platform, select Access Management.

    2. Select Users.

    3. Select the name of the user.

    4. Record the internal user ID. This ID appears in the URL as:

      [Figure: Example of User ID in the URL]

  4. Configure your installer machine with `kubeconfig.yaml` to access the Anypoint Platform PCE Kubernetes (K8s) cluster.

    1. Set the environment variable KUBECONFIG=/path/to/kubeconfig.yaml.

    2. Check access to the Kubernetes cluster with kubectl get nodes.

  5. Identify one of the authentication-server containers:

    kubectl get pods -n access-management -l component=authentication-server

  6. Change the owner, providing the authentication-server container and the internal user ID obtained earlier:

    kubectl exec -it -n access-management <authentication-server-pod> -c application -- node bin/change_owner.js --new-owner-id <user_id>

    This command changes the owner from the default system user to a new user managed by the external authentication provider. The command you use should be similar to the following example:

    kubectl exec -it -n access-management <authentication-server-pod> -c application -- node bin/change_owner.js --new-owner-id a363279f-982f-493c-b08f-9feb91be90d4

  7. Disable and delete the System Admin user.

    1. Log in as the user you just added as the organization owner.

    2. From Anypoint Platform, select Access Management.

    3. Select Users.

    4. Select the username in the same row as SystemAdmin.

    5. Select Disable.

    6. Select Delete.

This removes the default user from the platform.
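
Steps 4 through 6 can be combined into one script with pre-flight checks. This is an added example, not part of the MuleSoft documentation. It assumes internal user IDs are UUIDs like the example ID above, and the function names (is_valid_user_id, first_pod, change_owner) are hypothetical.

```shell
#!/bin/sh
# Added example (not MuleSoft tooling): steps 4-6 with pre-flight checks.
NAMESPACE="access-management"
SELECTOR="component=authentication-server"

# Assumption: internal user IDs are UUIDs (8-4-4-4-12 hex), like the page's example.
is_valid_user_id() {
  [ "${#1}" -eq 36 ] || return 1
  case "$1" in *[!0-9a-fA-F-]*) return 1 ;; esac
  case "$1" in ????????-????-????-????-????????????) ;; *) return 1 ;; esac
  hex=$(printf '%s' "$1" | tr -d '-')
  [ "${#hex}" -eq 32 ]   # exactly four hyphens, all in the fixed positions
}

# Read `kubectl get pods -o name` output on stdin; print the first pod/<name> line.
first_pod() {
  sed -n '/^pod\//{p;q;}'
}

change_owner() {
  user_id=$1
  if ! is_valid_user_id "$user_id"; then
    echo "refusing: '$user_id' is not a UUID" >&2; return 2
  fi
  if [ -z "${KUBECONFIG:-}" ]; then
    echo "KUBECONFIG is not set" >&2; return 3
  fi
  # Step 4.2: confirm cluster access before touching anything.
  kubectl get nodes >/dev/null || return 4
  # Step 5: only consider authentication-server pods that are Running.
  pod=$(kubectl get pods -n "$NAMESPACE" -l "$SELECTOR" \
          --field-selector=status.phase=Running -o name | first_pod)
  [ -n "$pod" ] || { echo "no running authentication-server pod" >&2; return 5; }
  # Step 6: same command as on the page; the ID is passed as one quoted argument.
  kubectl exec -it -n "$NAMESPACE" "$pod" -c application -- \
    node bin/change_owner.js --new-owner-id "$user_id"
}

# Run only when called with an argument: ./change_owner.sh <user_id>
if [ "$#" -gt 0 ]; then change_owner "$1"; fi
```

Rejecting a malformed ID before the exec keeps a mistyped or pasted value from reaching the process inside the authentication-server container.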