LPC client installation - using non-root userId
In the LPC 1.4 install guide, page 8, section 2.3.2.1, it says:
To perform root-less execution, your system admin must create an account called ‘radmin’ with user ID 500, group ID 500, and a home directory.
We are already using a non-root user to run the 1.2 lpc client. Is there a reason why we can’t continue to use that same user with the 1.4 client? I would think that as long as we configure the directory permissions correctly, we could continue to use the existing id.
Best Answer
-
Hello.
LPC 1.4 performs encrypted internet connections using the "new" authentication system. This system has 2 methods for access: (1) STS tokens using a "client secret" (aka password) or (2) STS tokens using JWT. For JWT configurations, the LPC requires customer data to be present on the systems. For security, LPC encrypts the customer data files and uses the non-root account "radmin" with certain directory permissions.
LPC 1.4 has not been tested using accounts other than 'root' or 'radmin'. Any attempt to use accounts other than 'root' or 'radmin' is non-standard and thus not supported. Having said this, it is possible that LPC 1.4 may function with another non-root account using the (1) STS token with "client secret". This mode for LPC 1.4 has similar behaviors to LPC 1.2 and may work with a different non-root account.
However, I would steer clear away from using a different non-root account if using LPC 1.4 with JWT functionality. The installation scripts use 'radmin' and expect to use that account. If the non-root account isn't provisioned properly, LPC 1.4 won't function correctly.
1
Answers
-
We currently use "client secret" with the 1.2 LPC and we plan to continue to use "client secret" with the 1.4 version.
0
Categories
- All Categories
- 6 AHS
- 37 Alpha
- 161 App Studio
- 4 Block Chain
- 4 Bot Platform
- 16 Connected Risk APIs
- 47 Data Fusion
- 30 Data Model Discovery
- 608 Datastream
- 1.3K DSS
- 577 Eikon COM
- 4.9K Eikon Data APIs
- 7 Electronic Trading
- Generic FIX
- 7 Local Bank Node API
- Trading API
- 2.7K Elektron
- 1.3K EMA
- 236 ETA
- 519 WebSocket API
- 33 FX Venues
- 10 FX Market Data
- 1 FX Post Trade
- 1 FX Trading - Matching
- 12 FX Trading – RFQ Maker
- 5 Intelligent Tagging
- 2 Legal One
- 20 Messenger Bot
- 2 Messenger Side by Side
- 9 ONESOURCE
- 7 Indirect Tax
- 59 Open Calais
- 264 Open PermID
- 39 Entity Search
- 2 Org ID
- PAM
- PAM - Logging
- 8.4K Private Comments
- 6 Product Insight
- Project Tracking
- ProView
- ProView Internal
- 20 RDMS
- 1.4K Refinitiv Data Platform
- 367 Refinitiv Data Platform Libraries
- 3 Refinitiv Due Diligence
- LSEG Due Diligence Portal API
- 3 Refinitiv Due Dilligence Centre
- Rose's Space
- 1.1K Screening
- 18 Qual-ID API
- 13 Screening Deployed
- 23 Screening Online
- 10 World-Check Customer Risk Screener
- 990 World-Check One
- 44 World-Check One Zero Footprint
- 45 Side by Side Integration API
- Test Space
- 3 Thomson One Smart
- 1.2K TR Internal
- Global Hackathon 2015
- 2 Specialists Who Code
- 10 TR Knowledge Graph
- 150 Transactions
- 142 REDI API
- 1.7K TREP APIs
- 4 CAT
- 21 DACS Station
- 117 Open DACS
- 1.1K RFA
- 103 UPA
- 172 TREP Infrastructure
- 224 TRKD
- 886 TRTH
- 5 Velocity Analytics
- 5 Wealth Management Web Services
- 59 Workspace SDK
- 9 Element Framework
- 5 Grid
- 13 World-Check Data File
- Yield Book Analytics
- 46 中文论坛