Sun Identity Manager 8.1 Resources Reference

Step 2: Define the Active Directory On-Error Process Active Sync Attribute

On each Active Directory Active Sync resource, Identity Manager defines an onError process that is called when a failure occurs during the synchronization of a resource. If an Active Directory resource defines an on-error process, this process is called if there errors occur when the poll method is called on the resource during active synchronization. This process checks the result from the IAPI objects, and if an error occurs, calls the defined process.

Configure this process to notify an administrator through email when an error occurs. Include the error text in the email body so that the administrator can determine if the error warrants that Identity Manager fails over to another domain controller.

Using the error text, the administrator is alerted to a potentially lengthy outage or an outrage due to a temporary, quickly resolved issue (such as a temporary routing issue that is resolved by the next poll attempt).

Step 3: Run Active Directory Synchronization Failover Task for the Failed Resource

If the domain controller returns an error that warrants failing over to another domain controller, run the Active Directory Synchronization Failover task from the Task page.

For manual fail-over mode, the fail-over task requests

You also must choose whether to restart Active Sync after the switch to a new domain controller is complete.

How the Task Works

When executed, the Active Directory Synchronization Failover task

ProcedureTask Actions

  1. Stops the Active Sync process on the failed resource

  2. Reads in the fail over configuration object

  3. Changes necessary resource attribute values

  4. Optionally restarts the Active Sync process.