Regenerating a node secret – RSA Security 6.1 User Manual
Page 84
72
Administering RADIUS Servers
September 2005
4
Run the
rsainstalltool
(Windows) or
rsaconfiguretool
(Solaris/Linux) utility with the
identity
option.
To rename a Primary RADIUS Server, enter the following command:
# ./rsaconfiguretool -identity PRIMARY
To rename a Replica RADIUS Server, enter the following command:
# ./rsaconfiguretool -identity REPLICA
5
Restart the updated server so that it can load its new configuration.
6
Run the RSA RADIUS Administrator and modify the DNS name or IP
address for the server you want to rename. Verify that the secret on the
renamed server is correct.
You may need to use the Replication panel to delete the old server name from
the list of servers in the realm.
NOTE: After you change the name or IP address of a Primary or Replica
RADIUS Server, use RSA Authentication Manager to change the Agent Host
record in the Authentication Manager database.
7
Publish the modified configuration to propagate the name change to the
Replica RADIUS Servers.
Regenerating a Node Secret
You can regenerate the node secret used to authenticate communication between
the RSA Authentication Manager and RSA RADIUS Server at any time.
To regenerate a node secret:
1
Stop the RSA RADIUS service/daemon on the RADIUS server.
2
Log into the RADIUS server as
root
(Solaris/Linux) or administrator
(Windows).
3
Navigate to the
..RSA Radius\Service
(Windows) or
/opt/rsa/radius (Solaris/Linux)
directory.
4
Run the
rsainstalltool
(Windows) or
rsaconfiguretool
(Solaris/Linux) utility with the
identity
option.
To regenerate the node secret for a Primary RADIUS Server, enter the
following command:
# ./rsaconfiguretool -identity PRIMARY