Failover Installation (Sun Java System Identity Synchronization for Windows 6.0 Deployment Planning Guide)

Sun Java System Identity Synchronization for Windows 6.0 Deployment Planning Guide

Failover Installation

After the primary installation is complete, you install the Identity Synchronization for Windows Core on config-eu.gt.com, and configure it using the console.

master3-eu.gt.com is the preferred Directory Server in the failover installation.

Configuring the Preferred Directory Server

master4-eu.gt.com is the secondary Directory Server in the failover installation.

Configuring the Secondary Directory Server

ad3-eu.gt.com is chosen as the domain controller with which the Active Directory Connector will communicate.

Configuring the Active Directory Domain Controller

Note that a warning will be displayed stating that the password updates might become slow because ad3-eu.gt.com is not the PDC FSMO role owner. This warning can be ignored because changing the PDC FSMO role to this domain controller is part of the failover procedure. A similar warning is also displayed when the configuration is saved.

The remaining domain controllers are selected for failover during on-demand password synchronization.

Configuring Domain Controllers for Failover during On-Demand
Synchronization

bash-2.05# /opt/SUNWisw/bin/idsync printstat -q <
omitted password\> -w <omitted password\>
Exploring status of connectors, please wait...
Connector ID: CNN100
Type: Sun Java(TM) System Directory
Manages: dc=gt,dc=com (ldaps://master3-eu.gt.com:636)
(ldaps://master4-eu.gt.com:636)
State: READY
Installed on: connectors-eu.gt.com

Connector ID: CNN101
Type: Active Directory
Manages: gt.com (ldaps://ad1-us.gt.com:636) (ldaps://ad2-us.gt.com:636)
(ldaps://ad4-eu.gt.com:636) (ldaps://ad3-eu.gt.com:636)
State: READY
Installed on: connectors-eu.gt.com

Sun Java(TM) System Message Queue Status: Started

Checking the System Manager status over the Sun Java(TM) System Message Queue.

System Manager Status: Started

Remaining Installation and Configuration Steps:

1. Install the Sun Directory Server Plugin at master ldaps://master3-eu.gt.com:636 
by re-running the installer.
2. Install the Sun Directory Server Plugin at master ldaps://master4-eu.gt.com:636 
by re-running the installer.
3. Install the Sun Directory Server Plugin on every other master and read-only replica 
that manage users under dc=gt,dc=com.
4. Run 'idsync resync' to establish links between existing Directory Server 
and Windows users.
5. Start synchronization using the console or the 'idsync startsync' command.
SUCCESS