Symantec Access Management

  • Private Community

  • 1.  Replicate CA Directory on 2 different Server?

    Posted Dec 09, 2015 07:40 AM

    Hello,

     

    I've created a dsa on one server with the name "userstorep" on port 10389 and the second dsa on another server with the name "userstores" on port 20389. I'd like to enable replication between them without using DXmanager. I'm able to replicated if both the DSAs are on the same server but how to accomplish when both of them are on different servers?



  • 2.  Re: Replicate CA Directory on 2 different Server?

    Posted Dec 09, 2015 04:32 PM

    CA Directory : Issue in enabling replication over SSL

     

    Hubert



  • 3.  Re: Replicate CA Directory on 2 different Server?
    Best Answer

    Posted Dec 09, 2015 08:22 PM

    Current setup

     

    Host A
    $DXHOME/config/servers/userstorep.dxi (sourcing a knowledge group containing self and userstores)
    $DXHOME/config/servers/userstores.dxi (sourcing a knowledge group containing self and userstorep)
    $DXHOME/config/knowledge/userstorep.dxc (address = Host A, port = 10389)
    $DXHOME/config/knowledge/userstores.dxc (address = Host A, port = 20389)
    $DXHOME/data/userstorep.db

    $DXHOME/data/userstores.db

     

    To move userstores from Host A to Host B

     

    • Host B: you need the same version of directory installed as Host A
    • Host A: stop DSAs
    • Move $DXHOME/config/servers/userstores.dxi from Host A to Host B (this file should no longer exist on Host A)
    • Move $DXHOME/data/userstores.db from Host A to Host B (remove $DXHOME/data/userstores.* from Host A)
    • Host A: update knowledge $DXHOME/config/knowledge/userstores.dxc (address = Host B, port = 20389)
    • After making the address change above copy $DXHOME/config/knowledge/* from Host A to Host B


    Copy over any configuration customizations to Host B

    • Copy $DXHOME/config/limits/* from Host A to Host B  (if you've made changes to this folder)
    • Copy $DXHOME/config/settings/* from Host A to Host B (if you've made changes to this folder)
    • Copy $DXHOME/config/access/* from Host A to Host B (if you've made changes to this folder)
    • Copy $DXHOME/config/logging/* from Host A to Host B (if you've made changes to this folder)
    • Copy $DXHOME/config/schema/* from Host A to Host B (if you've made changes to this folder)
    • Copy $DXHOME/config/ssld/* from Host A to Host B (if you've made changes to this folder)

     

    Start the DSAs on both hosts, check that they start and verify replication is working

     

    Result

     

    Host A
    $DXHOME/config/servers/userstorep.dxi (sourcing a knowledge group containing self and userstores)
    $DXHOME/config/knowledge/userstorep.dxc (address = Host A, port = 10389)
    $DXHOME/config/knowledge/userstores.dxc (address = Host B, port = 20389)
    $DXHOME/data/userstorep.db


    Host B
    $DXHOME/config/servers/userstores.dxi (sourcing a knowledge group containing self and userstorep)
    $DXHOME/config/knowledge/userstorep.dxc (address = Host A, port = 10389)
    $DXHOME/config/knowledge/userstores.dxc (address = Host B, port = 20389)

    $DXHOME/data/userstores.db