OS user accounts

You should limit the number of OS users on BDD nodes to minimize the risk of an unauthorized person gaining access to them.

The following table describes the users BDD requires. You should avoid creating more than these, if possible.

Account	Description
Administrator	Each BDD node should have at least one user with administrator privileges. Oracle recommends having two to provide redundancy. For additional security, avoid choosing obvious names such as `system`, `admin`, or `administrator` for your administrator user accounts.
`bdd` user	A dedicated BDD user is required on the node the installation process is run from (later called the WebLogic Admin Server). This user is referred to as the `bdd` user, and can be either an existing user or a new one. In addition to its other requirements, it must have passwordless `sudo` enabled on all BDD nodes. The `bdd` user performs the installation. After installing, it also runs all BDD processes and typically becomes the owner of the DP CLI and the BDD Shell. Because this user is so powerful, you should treat it as a special account and limit its use to as few people as possible. More information on the `bdd` user is available in the Installation Guide.
BDD Shell group members	Optional. If you install the BDD Shell application, Oracle recommends you create a dedicated BDD Shell group with limited permissions. Only members of this group are allowed to use the BDD Shell. For more information, see File permissions and the BDD Shell Guide.

Account

Description

Administrator

Each BDD node should have at least one user with administrator privileges. Oracle recommends having two to provide redundancy.

For additional security, avoid choosing obvious names such as system, admin, or administrator for your administrator user accounts.

bdd user

A dedicated BDD user is required on the node the installation process is run from (later called the WebLogic Admin Server). This user is referred to as the bdd user, and can be either an existing user or a new one. In addition to its other requirements, it must have passwordless sudo enabled on all BDD nodes.

The bdd user performs the installation. After installing, it also runs all BDD processes and typically becomes the owner of the DP CLI and the BDD Shell.

Because this user is so powerful, you should treat it as a special account and limit its use to as few people as possible.

More information on the bdd user is available in the Installation Guide.

BDD Shell group members

Optional. If you install the BDD Shell application, Oracle recommends you create a dedicated BDD Shell group with limited permissions. Only members of this group are allowed to use the BDD Shell. For more information, see File permissions and the BDD Shell Guide.