I am currently setting up 3 ACS servers over the WAN. I want all servers to have the same naming standard but one of the remote offices already named theirs, I need to change the server/instance name.
Can this be done? If so, what steps other than renewing certs would I have to do?
I couldn't find the answer to this either so I decided to just try it and see what happens in a test environment. My ACS server FYI was only running local authentication, but I don't know if this matters. Also not doing any replication or clustering.
For the benefit of others this is what happened when I changed it via command line (ACS appliance running 5.2):
hostname_old/myusername(config)# hostname hostname_new
Changing the hostname or IP may result in undesired side effects,
such as installed application(s) being restarted.
Are you sure you want to proceed? [y/n] y
Hostname was modified.
ACS is restarting and a new HTTP certificate will be generated.
Stopping Management and View...............................................................
Starting ACS ....
To verify that ACS processes are running, use the
'show application status acs' command.
hostname_new/myusername# show application status acs
ACS role: PRIMARY
Process 'database' running
Process 'management' running
Process 'runtime' running
Process 'view-database' running
Process 'view-jobmanager' running
Process 'view-alertmanager' running
Process 'view-collector' running
Process 'view-logprocessor' running
I logged out of the browser (IE) and the web page wouldn't paint - probably something old cached in the browser.
I then closed the browser and opened it again, re-launched the web page and it came up, no problem.
Never lost SSH session. Opened new SSH session and it worked. Went to a test device that authenticates against ACS and had no issues logging in. So basically, changing the hostname seems pretty painless.
Step 1 Log into the ACS primary web interface and Choose System Administration > Operations > Distributed System Management to deregister all the secondary ACS instances from the primary ACS server.
Make sure that the log collector is running in the primary ACS server before deregistering all secondary ACS instances. If the log collector is running in any one of the secondary ACS server, change the log collector to the primary ACS server.
To change the log collector, see Configuring the Log Collector.
To set the hostname of the Cisco Secure ACS Appliance, use the set hostname command.