26 September,17 at 06:14 PM
Can you rename a computer role without affecting the computers in that role?
Answer:Yes, the computer role can be renamed as needed.
However, below are steps that can be taken to verify that the machines picked up the computer role name change.
Run the following commands to verify:
1) /usr/share/centrifydc/bin/adcache -L -o /tmp/adcache.txt
2) grep -i <new-computer-role> /tmp/adcache.txt
The output might look something like this:
[root@centos6 tmp]# grep -i TestTwoRename /tmp/adcache.txt
Key[24]: OCEAN.NET:CN=ba924ef6-63ac-4929-a5b1-d6484cc6d9f2,CN=Authorization,CN=Headquarters,CN=Zones,OU=Centrify,DC=ocean,DC=net:(&(objectClass=msDS-AzScope)(msDS-AzScopeName=TestTwoRename)):1:0
_cimsldapFilter(s):OCEAN.NET:CN=ba924ef6-63ac-4929-a5b1-d6484cc6d9f2,CN=Authorization,CN=Headquarters,CN=Zones,OU=Centrify,DC=ocean,DC=net:(&(objectClass=msDS-AzScope)(msDS-AzScopeName=TestTwoRename)):1:0
msDS-AzScopeName(s):TestTwoRename
The output shows the new computer role name and also the location of the computer role, therefore the changes can be validated.