test

Sun Java System Identity Synchronization for Windows 6.0 Deployment Planning Guide

Failover Installation

Once the primary installation is complete, the Identity Synchronization for Windows Core is installed on config-eu.gt.com, and the console is used to configure it.

Figure 3–16 Configuring the Preferred Directory Server

Configuring the Preferred Directory Server

master3-eu.gt.com is the preferred Directory Server master in the failover installation.

Figure 3–17 Configuring the Secondary Directory Server Master

Configuring the Secondary Directory Server Master

master4-eu.gt.com is the secondary directory server master in the failover installation.

Figure 3–18 Configuring the Active Directory Domain Controller

Configuring the Active Directory Domain Controller

ad3-eu.gt.com is chosen as the domain controller with which the Active Directory Connector will communicate.

A warning is displayed stating that the password updates might get slow because ad3-eu.gt.com is not the PDC FSMO role owner. This warning can be ignored because changing the PDC FSMO role to this domain controller is part of the failover procedure. A similar warning is also displayed when the configuration is saved.

Figure 3–19 Configuring Domain Controllers for Failover during On-Demand Synchronization

Configuring Domain Controllers for Failover during On-Demand Synchronization

The remaining domain controllers are selected for failover during on-demand password synchronization.

bash-2.05# /opt/SUNWisw/bin/idsync printstat -q <
omitted password\> -w <omitted password\>
Exploring status of connectors, please wait...
Connector ID: CNN100
Type: Sun Java(TM) System Directory
Manages: dc=gt,dc=com (ldaps://master3-eu.gt.com:636)
(ldaps://master4-eu.gt.com:636)
State: READY
Installed on: connectors-eu.gt.com
Connector ID: CNN101
Type: Active Directory
Manages: gt.com (ldaps://ad1-us.gt.com:636) (ldaps://ad2-us.gt.com:636)
(ldaps://ad4-eu.gt.com:636) (ldaps://ad3-eu.gt.com:636)
State: READY
Installed on: connectors-eu.gt.com

Sun Java(TM) System Message Queue Status: Started

Checking the System Manager status over the Sun Java(TM) System Message Queue.

System Manager Status: Started

Remaining Installation and Configuration Steps:

1. Install the Sun Directory Server Plugin at master ldaps://master3-eu.gt.com:636 
by re-running the installer.
2. Install the Sun Directory Server Plugin at master ldaps://master4-eu.gt.com:636 
by re-running the installer.
3. Install the Sun Directory Server Plugin on every other master and read-only replica 
that manage users under dc=gt,dc=com.
4. Run 'idsync resync' to establish links between existing Directory Server 
and Windows users.
5. Start synchronization using the console or the 'idsync startsync' command.
SUCCESS