26 September,17 at 06:14 PM
Can you rename a computer role without affecting the computers in that role?
Answer:Yes, the computer role can be renamed as needed.
However, below are steps that can be taken to verify that the machines picked up the computer role name change.
Run the following commands to verify:
1) /usr/share/centrifydc/bin/adcache -L -o /tmp/adcache.txt
2) grep -i <new-computer-role> /tmp/adcache.txt
The output might look something like this:
[root@centos6 tmp]# grep -i TestTwoRename /tmp/adcache.txt
Key[24]: OCEAN.NET:CN=ba924ef6-63ac-4929-a5b1-d6484cc6d9f2,CN=Authorization,CN=Headquarters,CN=Zones,OU=Centrify,DC=ocean,DC=net:(&(objectClass=msDS-AzScope)(msDS-AzScopeName=TestTwoRename)):1:0
_cimsldapFilter(s):OCEAN.NET:CN=ba924ef6-63ac-4929-a5b1-d6484cc6d9f2,CN=Authorization,CN=Headquarters,CN=Zones,OU=Centrify,DC=ocean,DC=net:(&(objectClass=msDS-AzScope)(msDS-AzScopeName=TestTwoRename)):1:0
msDS-AzScopeName(s):TestTwoRename
The output shows the new computer role name and also the location of the computer role, therefore the changes can be validated.
KB-20210: Common Questions Regarding Centrify DirectControl and CoreOS
KB-6073: How to join the Linux/Unix Centrify Server to Active Directory with specific Computer Role?
KB-6056: How to report the group policy settings that are in effect for the local computer?
KB-6041: How to show current license type in use by adclient
KB-6040: How to change the license type in use after adclient successful joined to the AD?
KB-2941: How to safely join a Cloned VM machine to the domain without disjoining the the source (production) machine?.
KB-6038: How to specify the license type to use when joining the server to AD using adjoin?
KB-3925: How to add Centrify parameter to a group policy
KB-9212: Join a Computer With Adjoin to the AD Domain Without the Computer Object Taking the Pre-Windows 2000 Name