Running Cassandra as a non-SYSTEM user (Windows)

By default, DataMiner will run the Cassandra service with SYSTEM privileges. To reduce the impact of a breach through the Cassandra service, we recommend running Cassandra as a restricted user.

Tip

If you do not want the hassle of maintaining the DataMiner storage databases yourself, we recommend using DataMiner Storage as a Service instead.

To run Cassandra as a non-SYSTEM user:

1. Stop the DataMiner Agent.

2. Open a command prompt as Administrator.

3. Execute the compmgmt.msc command to open Computer Management.

4. Navigate to Computer Management (Local) > System Tools > Local Users and Groups > Users.

5. Right click Users and select New User.

6. Fill in a User Name, for example cassandra_service.

7. Configure a strong password.

8. Clear the checkbox the User must change password at next logon.

9. Select the checkboxes User cannot change password and Password never expires.

10. Grant the user Modify access to the following folders:

    • C:\Program Files\Cassandra\data

    • C:\Program Files\Cassandra\logs

    • C:\Program Files\Cassandra\bin\daemon\

    • C:\ProgramData\Cassandra

    Caution

    Do not grant the permissions on the entire C:\Program Files\Cassandra folder, as this may introduce vulnerabilities.

11. Go back to the command prompt and execute the services.msc command to open the Service Manager.

12. Stop the Cassandra service.

13. Right-click the Cassandra service and open Properties.

14. Open the Log On tab and select This account.

15. Fill in the credentials for the user you created earlier.

16. Click Apply and OK to close the properties window.

17. Start the Cassandra service.

18. Start the DataMiner Agent.