Hi Juliette,
are you speaking about a Splunk user on Forwarder, correct?

Forwarders are usually managed using a Deployment Server (see http://docs.splunk.com/Documentation/Splunk/7.0.2/Updating/Configuredeploymentclients )
in few words on forwarder run the following commands
splunk set deploy-poll :
splunk restart
and then manage its configurations on your Splunk Enterprise (if you have an All-in-one installation and few forwarders), or on your Deployment Server (if you have many forwarders) deploying Technical Add-ons (see the below url).

Otherwise, if you're making a test or a PoC, you can manually configure forwarders using admin user: there are no reasons to use a different Splunk user (if possible: I never tried!).
Eventually, you could change the default admin password:

splunk edit user admin -password "new_password" -auth admin:current_password

Anyway you can have different passwords between Splunk Enterprise and Forwarders.

Bye.
Giuseppe

Hi, thanks again for your answer.
Sorry, but just to be clear : Is that mandatory to use deployment server ?
Because currently, I have 3 forwarders on 3 remote machine. As you say, it was a PoC but it's become a pilote and for security reason the user allowing connection when I do :

[host /]$ sudo /opt/splunkforwarder/bin/splunk add forward-server ip:port -auth admin:changeme

in my remote machine is my admin account.

If i create in Splunk web interface an user with the same role as admin (all the roles), and i try again on my remote server to add forwarder server :

[host /]$ sudo /opt/splunkforwarder/bin/splunk add forward-server ip:port -auth juliette:juliette

Then login failed. While nothing is different between admin user and juliette user.

I'm not sure that i explain well my problem, maybe it's my english or maybe i don't understand something in splunk configurations.

Another time,

Thanks a lot.
Regards,
Juliette