Legacy Local User "DefaultLocalUser" Is Being Retired

To strengthen the security posture of Oracle Cloud Infrastructure tenancies, Oracle is retiring a legacy local user named DefaultLocalUser from affected customer tenancies.

This user was created during a historical OCI tenancy provisioning process. Customers might not recognize this user because it was system-created during tenancy setup and might not have been intentionally created or actively managed by the customer.

OCI is retiring this legacy user to help reduce unmanaged local administrator accounts and align OCI tenancies with current identity and security best practices.

• Action required: Review the DefaultLocalUser account in your OCI tenancy. If you don't use this account, disable or delete it. If you use this account, first create or confirm another administrator account, group, or federated identity path with the required permissions. After confirming replacement administrator access, stop using DefaultLocalUser and disable or delete the account.
• Scope: Affected OCI tenancies that contain the legacy local user DefaultLocalUser.
• Impact: No workload impact is expected if the tenancy has another active administrator access path. Customers who use DefaultLocalUser for administration should migrate to another administrator access path before disabling or deleting the account.

OCI will send reminder notifications before taking action. OCI plans to disable DefaultLocalUser 21 days after the initial customer notification if it hasn't already been disabled or deleted. OCI plans to delete DefaultLocalUser 35 days after the initial customer notification if it hasn't already been deleted.

For assistance, contact OCI Support or your OCI account team.