Reconfigure Engine settings

On the command line of the Engine, you can use the Engine Configuration Wizard to change settings that were defined during the installation of the Engine.

The Engine Configuration Wizard also allows you to re-establish a trust relationship between the Engine and the Management Server if the trust is lost.

Note: On Engines that are fully configured, you can change each setting individually without changing the other settings. All steps are optional.

Steps

  1. Start the Engine Configuration Wizard using one of the following commands:
    • sg-reconfigure --no-shutdown — The Engine Configuration Wizard starts without shutting down the Engine. You cannot change network interface settings in this mode.
    • sg-reconfigure — The Engine shuts down and the Engine Configuration Wizard starts. All options are available if you have a local connection. If you have a remote SSH connection, you cannot change network interface settings.
  2. Change the general settings.
    • Change the keyboard layout for command-line use.
    • Change the time zone for command-line use.
    • Change the host name of the engine.
    • Enable or disable SSH access to the engine command line.
      Note: Unless you have a specific reason to enable SSH access to the engine command line, we recommend leaving it disabled.
  3. Change the password for the root user account.
    1. Highlight Change, then press Enter.
    2. Enter and confirm the new password for the root user account.
    3. Highlight OK, then press Enter.
  4. Change the bootloader password.
    The bootloader password prevents unauthorized editing of parameters in the second-level grub menu on the Engine.
    1. Highlight Change, then press Enter.
    2. Enter and confirm the new bootloader password.
    3. Highlight OK, then press Enter.
  5. Change the network card settings and the mapping of network cards to Interface IDs.
  6. Change the settings on the Prepare for Management Contact screen.
    Note: The Management Server contact details are not used by the Engine after a policy has been installed from the Management Server. They are shown for your reference only.
    • To re-establish the trust relationship between the Engine and the Management Server, select Contact Management Server, then enter a new one-time password.
      Select this option when you want to replace a missing or expired certificate, or if the trust relationship with the Management Server is lost for any other reason, such as changing the Management Server’s IP address.
      CAUTION:
      If there is a Firewall or Layer 2 Firewall between a remote Engine and the Management Server, you must allow the connection in the Firewall or Layer 2 Firewall Access rules. If there is a NAT device between a remote Engine and the Management Server, you must also configure NAT rules for the connection in the Firewall Policy. Otherwise, the Engine cannot contact the Management Server.
    • To reset the Engine to the post-installation state, select Switch to Initial Configuration.
      CAUTION:
      Selecting this option removes all configuration and policy information that has been transferred to the Engine. The post-installation state uses a policy that allows communication only between the Engine and the Management Server. You must install a policy on the Engine before it can be operational again.