000025163 - How to change hostname and IP Address of Primary RSA Authentication Manager (5.2 and 6.X)

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000025163
Applies ToRSA ACE/Server 5.0 (no longer supported as of 8-15-2004)
RSA Authentication Manager 6.1 ( Ace Server 5.2 and 6.X )
UNIX(AIX, HP-UX, Solaris)
sddump
sdnewdb
sdload
sdrepmgmt
IssueHow to change hostname and IP Address of Primary RSA Authentication Manager (5.2 and 6.X)
During the primary ACE/Server installation, the hostname of the machine will be loaded into replica table. The upper case letter 'P' precedes the hostname in the replica table, indicating that it is primary ACE/Server. If for any reason this hostname has to be changed, it is not possible to change it using sdrepmgmt modify or delete.
ResolutionIn case of RSA Authentication Manager 6.0.2 or 6.1:
Note : Do not change the hostname or IP Address of the machine running primary server, without changing it in replica table and configuration management
1. Change the IP Address and \or hostname in  \etc\hosts file. If you have a DNS already configured make sure that these changes are made in DNS.
2. Stop the RSA services on primary and run sdrepmgmt modify command. Enter the new server name \or and IP Address.
3. Edit configuration Management ( On UNIX ./sdsetup -config ) and change the IP Address and \or hostname in field of Primary and This Server.
4. If you are changing hostname, My Computer --- > Right Click --- > Properties --- > Computer Name --- > Change --- > New Name. Restart the machine.
5. If you are changing IP Address, My Network Place --- > Right Click ---> Properties --- > Local Area Connection --- > Right Click --- > Properties --- > TCP/IP Properties --- > New IP. Restart the machine.
Note : If you want to change IP Address and Host name at the same time, step no 4 and 5 can be done at the same time and restart the machine.
6. After the reboot, stop all RSA services, start Replica Management table or sdrepmgmt list. A message appears stating hostname \or IP Address Change. Click OK.
Note : Copy the sdconf.rec from the primary to all agent host machines. It is not necessary to re-establish the node secret. Replacing sdconf.rec file requires restarting the RSA Agent services or restarting the machine.


RSA ACE Server 5.0 and 5.1
Note : The upper case letter 'P' precedes the hostname in the replica table, indicating that it is primary ACE/Server. If for any reason this hostname has to be changed, it is not possible to change it using sdrepmgmt modify or delete in ACE Server 5.0 and 5.1 Version
If the database has a large number of users and currently in production, then the following procedure needs to be done during the downtime:
1. Start the ACE/Server database administration. Edit the Agent host for primary. Change the name of the primary to new name. Change the name in the acting master field to new name of primary. If you have replicas installed already, add the acting slave with appropriate name.
2. Stop the ACE/Server. Confirm that broker services are not running.
3. cd ace/prog. Run sddump selecting server option. This will create sdserv.dmp file. Save the files license.rec and sdserv.dmp in a safe location. These files are absolutely necessary to load the database into ACE/Server.
4. Run sdnewdb. Select the server option. This will create a new empty server database.
5. Run sdrepmgmt add. This will prompt for the server name. Provide the new name for the primary server. The new name must be resolved by the machine prior to adding
to replica table. Otherwise sdrepmgmt does not allow to add an invalid hostname.
6. Add all replicas to replica table using sdrepmgmt add. It is  a good idea to create the entire replica table before doing the merge in case there are any agent hosts with acting master/acting slave so the agent hosts will all load correctly.
7. a. Run sdrepmgmt list. Verify if new name of primary is in the replica table.
    b. Create an administrative account prior to loading:
    sdcreadm administrator
8. Run sdload  with the server option. This will load the users and clients into empty database.
    ./sdload -s -f /"full path"/sdserv.dmp -k /"full path"/license.rec -m
    This does a database merge using the replica table just created.
9. On NT ACE/Server, edit the ACE/Server configuration management to change the name of primary to match the entry in replica table. On Unix Ace/Server:
    ./sdsetup -config
NOTE: You may have to set the USR_ACE and VAR_ACE environment variables prior to running the sdsetup -config.
10. Start ACE/Server. Start the Database administration. Verify the presence of users and Agent hosts.
11. Generate new sdconf.rec file for the clients if any changes were made to Ip address.
NOTE: RSA ACE/Server 5.1 has made it easier to be able to rename the Primary. See the ACE/Server 5.1 documentation for more information.
Legacy Article IDa4136

Attachments

    Outcomes