Default users

When you install IBM Security Guardium Key Lifecycle Manager, some default administrator users are created with the necessary permissions to administer the product.

Installation of IBM Security Guardium Key Lifecycle Manager provides default administrator user IDs: SKLMAdmin, KLMDB421.

The installation must be run by a local administrative ID, which is root for AIX or Linux systems or a member of the Administrators group on Windows systems.

The following table provides the default user IDs and guidance on specifying their passwords. Also, see Password policy.

Table 1. Administrator user IDs and passwords
User User ID Password
IBM Security Guardium Key Lifecycle Manager administrator SKLMAdmin

As the primary administrator with full access to all operations, this user ID has the klmSecurityOfficer super user role, in the group that is named klmSecurityOfficerGroup. This user ID is not case-sensitive. Alternatively, use sklmadmin. Use the SKLMAdmin user ID to administer IBM Security Guardium Key Lifecycle Manager.

With the SKLMAdmin user ID, you can:

  • View and use the IBM Security Guardium Key Lifecycle Manager interface.
  • Change the password for the IBM Security Guardium Key Lifecycle Manager administrator.
  • Create one or more extra IBM Security Guardium Key Lifecycle Manager administrator user IDs, and perform other user management tasks.
Specify and securely store a password during installation.
The IBM Security Guardium Key Lifecycle Manager Db2 database
Instance owner of the database The default value is KLMDB421. The ID is the installation default user ID for the instance owner of the database.

You can specify a different value during the installation. The character limits for the different operating systems are:

  • Windows: The user ID can be up to 20 characters long.
  • Linux or AIX: The user ID can be up to 8 characters long.

The instance name is KLMDB421.

If you use an existing user ID as instance owner of the IBM Security Guardium Key Lifecycle Manager database, the user ID cannot own another database instance.

Note: Do not use a hyphen (-) or underscore character (_) when you specify a user ID for an existing copy of Db2.
Specify and securely store a password during installation. This password is an operating system password. If you change the password on the operating system, you must change this password.
Database instance The administrator ID KLMDB421 owns a Db2 instance named KLMDB421.