Creating the initial user account

Create a system administrator account for the SOAR Platform and an organization to which the administrator account belongs.

Enter the following command in your SSH client to determine how to create the platform’s system administrator account and the organization to which the administrator belongs.

sudo resutil newuser -help

The command has the following options and defaults.

  • -createorg creates the organization that contains the system administrator.
  • -createrole creates a role, if it does not exist.
  • -email provides an email address for the user. You must enter an email address.
  • -first provides the first name of the system user.
  • -last provides the last name of the system user.
  • -org provides an organization for the user. You must enter an organization name.
  • -orglocale provides the default language of the organization. The default setting is English. Use the -help option to see the list of supported languages. The language values are case-sensitive. When the organization is created, you cannot change the locale. Some text, such as regulatory and legal-related information, is available only in English.
  • -role assigns an existing role to the user. If unspecified, the default role, Master Administrator, is assigned.
  • -sysadmin assigns the user the permission to access System Settings. For more information about system settings, see https://www.ibm.com/docs/SSBRUQ_latest/doc/admin/system_settings.html.
  • -incseqcodeprefix assigns a prefix to the sequence code incident field. The field is used to sequentially number incidents. It includes a prefix of your choice, for example, ABC, and an index that increments for each new incident that is created within the organization. The sequence code is included in reports and the audit log. The prefix can be a maximum of 10 characters. If the prefix option is used in the command and a prefix is not specified, a default value is derived by using four random characters followed by a dash ( -). The prefix can be edited in the Administrator Settings - Organization tab after the organization is created. For more information, see Organization settings.
  • -incseqcodestartindex assigns a starting number to the sequence code field. If not specified, the index is set to 1. The index cannot be edited after it is created.

The command then prompts you to enter and confirm the password for this user (no keystrokes appear on the screen). The following command is an example.

sudo resutil newuser -createorg -email "jsmith@example.com" -first "John" 
-last "Smith" -org "My Company, Inc."
Enter the password for the user:
Confirm the password for the user:
Creating a new user John Smith <jsmith@example.com
Creating a new organization My Company, Inc.
Adding the user John Smith <jsmith@example.com> to the organization My Company, Inc.
Assigning the following roles to user jsmith@example.com: Master Administrator
Upon successful completion of this command, you will be able to login to the 
application and finish setup.

You can create multiple organizations in your system by running the command multiple times. You need only to provide the -first and -last options the first time the user is created.

To edit an organization, use the editorg command. Enter the following to get information about the options to use with the editorg command.
sudo resutil editorg -help
The editorg command has the following options.
  • -address1 specifies the first line or the address for the organization.
  • -address2 specifies the second line of the address for the organization.
  • -city specifies the city for the organization.
  • -name specifies the organization's new name.
  • -orgname specifies the name of the organization to be updated.
  • -state specifies the organization's new state.
  • -zip specifies the organization's new postal code.