Post-installation settings

Propagation of users in a cluster

Neo4j provides a native auth provider that stores user and role information in the system database. To synchronize the user base, you will have to manually propagate users by creating the same accounts on each server in the cluster.

SECollab will not work if its Neo4j user "secollab" is not the same on each server in the cluster.

Changing the administrator account

By default, there is only one user on a Neo4j database. This one has the role "admin" and its identifiers are "neo4j" for the login and "neo4j" for the password. This account is not usable because it is mandatory to change the default password to use it. For that, we will use the command-line utility "neo4j-admin".

neo4j-admin set-initial-password aV3ryChall3ngingPassw0rd
Changed password for user 'neo4j'

Related documentation is available in section 4.4 of the pdf (or online).

Creating an application account for SECollab

To work SECollab needs an account with an "architect" role. To create a user, we will use the client cypher-shell to connect to the Neo4j database and pass user management queries (the cypher-shell tool is available in the NEO4J_HOME/bin of the Neo4j installation folder). To do this, follow these instructions:

With the same method, you can create a new user, give them a role "admin" and delete the user "neo4j" present by default to the installation of Neo4j.

For more information, see section 11 of the pdf documentation (or online).

For more information about the Cypher syntax and the user management, see section 25.2 of the The Neo4j Cypher Manual pdf documentation (or online).

Firewall settings

For authorization of network flows, see section 4.3 of the pdf documentation (or online).

Some details: