I do a lot of work with Provider-1 customers and this question comes up every once in a while. They are usually going through the process of cleaning up their objects and policies. It is during this process that they discover that they cannot rename Global Objects. This is the default behavior in the Global SmartDashboard, but with a simple change you can unlock this ability.

There is an environment variable in the shell that needs to be changed. To accomplish this you need to change the variable and restart the MDS:

From ‘expert’ mode type the following:

mdsenv

export MDS_ALLOW_RENAME_GOBJECTS=1

mdsstop;mdsstart -s

Now go back into the Global SmartDashboard and you will be able to rename Global Objects. Make sure that the Global name does not step on the name of a Local Object name. You can avoid this by keeping the lowercase ‘g’ in the Global name.

Once you are done, you will want to return the environment to its original state. To do this type:

mdsenv

export MDS_ALLOW_RENAME_GOBJECTS

mdsstop;mdsstart -s


Want to see what this looks like in action? Here are a few screenshots:

Global Object to rename

Try to rename

Global rename error message

Setting the environment variable through SSH

Resetting environment variable to its original state

Renaming Global Objects in Provider-1

6 thoughts on “Renaming Global Objects in Provider-1

  • January 23, 2009 at 7:27 pm
    Permalink

    Heh, gave this a try in our lab today. You’re right it does unlock the ability. I can see getting into trouble with this, but I can also see using it in the future when we do our annual policy clean-up.

  • January 26, 2009 at 1:45 am
    Permalink

    Sweet!!!! Way easier than deleting them and then recreating.

  • January 29, 2009 at 4:25 pm
    Permalink

    we have a lot of global objects…and are trying to trim them down. this helps

    thanks

  • October 12, 2011 at 4:02 am
    Permalink

    I just tried this, but when assigning the global policy to the CMA I get a bunch of errors: “the object cannot be deleted because it is referenced by rule xyz”

    I was excited to read this tip because I thought we could rename global objects without removing/reinserting them into the rules.
    Is this not possible? If we can only rename UNUSED global objects then it’s not nearly as helpful as I had hoped.

  • October 17, 2011 at 12:46 am
    Permalink

    Sorry about the delay in my response, but I have been traveling. Regarding the error message you saw, are you using global objects in a local policy?

  • Pingback: 2012 CPX Review | DreezSecurityBlog

Leave a Reply

Your email address will not be published. Required fields are marked *