Symantec Access Management

  • Private Community

  • 1.  2 CA Directories on a dev box for testing

    Posted Oct 02, 2017 01:51 PM

    We are in the development phase of the project. 2 teams are using the same box. Is it ok to create 2 CA directory instances on a single box? What problems do you forsee in testing phase in the project? Does it have port issues? We will be using one CA Directory for CA IDM and the other for PAM SC



  • 2.  Re: 2 CA Directories on a dev box for testing
    Best Answer

    Posted Oct 02, 2017 11:24 PM

    Thanks for the question!

    There is no issue have multiple DSAs on the same box sharing a CA Directory installation. A few comments:

    • Different products may be certified against different versions of CA Directory. Though, as the communication protocol (LDAP) doesn't change between releases we don't see versioning issues.
    • Ports conflicts can be easily avoided if the DSAs are created using different ports. If a port conflict occurs, the DSA will log a warning and not start.
    • DSAs can be configured to share knowledge with each other. You would not want to do this if they are servicing different applications
    • Schema can be configured on a per DSA basis (source application specific schema in $DXHOME/config/servers/servername.dxi
    • The DSAs will need unique server names


  • 3.  Re: 2 CA Directories on a dev box for testing

    Posted Oct 03, 2017 11:13 AM

    Thanks! That helps