logo

Knowledge Base

Access official resources from Carbon Black experts

IMPORTANT ANNOUNCEMENT: On May 6, 2024, Carbon Black User eXchange (UeX) and Case Management will move to a new platform!
The Community will be in read-only mode starting April 19th, 7:00 AM PDT. Check out the blog post!
You will still be able to use the case portal to create and interact with your support cases until the transition, view more information here!

Using CBCLUSTER as a Non-Root User Frequently Asked Questions

Using CBCLUSTER as a Non-Root User Frequently Asked Questions

Version

Cb Response 5.1.1 and above

Topic

This solution has been created to answer some common questions around "Using CBCLUSTER as a Non-Root User".

Q/A

Question 1

What version(s) of Cb Response is this feature supported in?

Answer

As of Carbon Black version 5.1.1, it is possible to define a non-root user as the remote user for minion communication and execution.  Previously, when adding a minion node to a cluster, the cbcluster utility required availability of root user on the minion node.

Question 2

Where can I locate the instructions on how to use this functionality?

Answer

These steps appear in 'Carbon Black Enterprise Response User Guide 5.1.1', Appendix L, titled "Using CBCLUSTER as a Non-Root User"

Question 3

If the password associated with the username configured to utilize NOPASSWD is going to change, will this affect minion functionality?

Answer

This is the NON-Root account that is setup for cluster management.  In the sudoers file, all commands are setup with NOPASSWORD. Since we use SSH authorized keys and NOPASSWORD in the sudoers, the account password can be changed without any interruption of service.

Labels (1)
Labels:
Was this article helpful? Yes No
No ratings
Article Information
Author:
cfrappier
Creation Date:
‎11-04-2016
Views:
774
Contributors
logo

Copyright © 2005-2023 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.