Red Hat Summit Red Hat SummitSuporteConsoleDesenvolvedoresComeçar um testeContato

Este conteúdo não está disponível no idioma selecionado.

3.9. Renaming Client Machines

This section explains how to rename an IdM client. The process involves:
Warning
Renaming a client is a manual procedure. Red Hat does not recommend it unless changing the host name is absolutely required.

Identifying Current Service and Keytab Configuration

Before uninstalling the current client, make note of certain settings for the client. You will apply this configuration after re-enrolling the machine with a new host name.
  1. Identify which services are running on the machine:
    1. Use the ipa service-find command, and identify services with certificates in the output: 
      $ ipa service-find client.example.com
      Copy to Clipboard Toggle word wrap
    2. In addition, each host has a default host service which does not appear in the ipa service-find output. The service principal for the host service, also called a host principal, is host/client.example.com.
  2. Identify all host groups to which the machine belongs. 
    # ipa hostgroup-find client.example.com
    Copy to Clipboard Toggle word wrap
  3. For all service principals displayed by ipa service-find client.example.com, determine the location of the corresponding keytabs on client.example.com.
    Each service on the client system has a Kerberos principal in the form service_name/hostname@REALM, such as ldap/client.example.com@EXAMPLE.COM.

Removing the Client Machine from the IdM Domain

  1. Unenroll the client machine from the IdM domain. See Section 3.7, “Uninstalling a Client”.
  2. For each identified keytab other than /etc/krb5.keytab, remove the old principals: 
    [root@client ~]# ipa-rmkeytab -k /path/to/keytab -r EXAMPLE.COM
    Copy to Clipboard Toggle word wrap
    See Section 29.4, “Removing Keytabs”.
  3. On an IdM server, remove the host entry. This removes all services and revokes all certificates issued for that host: 
    [root@server ~]# ipa host-del client.example.com
    Copy to Clipboard Toggle word wrap
At this point, the host is completely removed from IdM.

Re-enrolling the Client with a New Host Name

  1. Rename the machine as required.
  2. Re-enroll the machine as an IdM client. See Section 3.8, “Re-enrolling a Client into the IdM Domain”.
  3. On an IdM server, add a new keytab for every service identified in the section called “Identifying Current Service and Keytab Configuration”. 
    [root@server ~]# ipa service-add service_name/new_host_name
    Copy to Clipboard Toggle word wrap
  4. Generate certificates for services that had a certificate assigned in the section called “Identifying Current Service and Keytab Configuration”. You can do this:
  5. Re-add the client to the host groups identified in the section called “Identifying Current Service and Keytab Configuration”. See Section 13.3, “Adding and Removing User or Host Group Members”.
Voltar ao topo
Red Hat logoGithubredditYoutubeTwitter

Aprender

Experimente, compre e venda

Comunidades

Sobre a documentação da Red Hat

Ajudamos os usuários da Red Hat a inovar e atingir seus objetivos com nossos produtos e serviços com conteúdo em que podem confiar. Explore nossas atualizações recentes.

Tornando o open source mais inclusivo

A Red Hat está comprometida em substituir a linguagem problemática em nosso código, documentação e propriedades da web. Para mais detalhes veja o Blog da Red Hat.

Sobre a Red Hat

Fornecemos soluções robustas que facilitam o trabalho das empresas em plataformas e ambientes, desde o data center principal até a borda da rede.

Theme

© 2026 Red Hat