Possible to Rename Realm?

When setting up privacyIDEA, we unfortunately did not think to match the realm name to our domain name. Is it possible to rename the realm?

If I’m unable to rename the realm, I did find a workaround using the mangle setting of the authentication policy.

You can only create a new realm with the same resolvers. The new realm has a new database ID. Thus you would loose all token assignments.

The token assignments are connected to the realm ID via the database tables “tokenowner” and “tokenrealm”.

You could in theory simply rename the realm in the the database table “realm”. Then you would not need to fiddle around with" tokenonwer" and “tokenrealm”.

But for historic reasons the policies still save the literal name of the realm (not the ID), so you would also have to alter the table “policy”.

Hope this gives some insight for the future.

These comments are true for version 3.3. Future version might be different!