Deployment Example 1: Access Manager 7.0 Load Balancing, Distributed Authentication UI, and Session Failover

Procedure: To Initialize the Master Replica

  1. On DirectoryServer-1, in the Directory Server console, navigate through the tree in the left panel to find the Directory Server instance named am-config, and click on the instance name to display its general properties.

  2. Double-click the instance name Directory Server (am-config) in the tree to display the console for managing the data.

  3. Click the Configuration tab and navigate to the Replication pane.

    1. Expand the Data node.

    2. Expand the node for the suffix you want to be a master replica.

      In this example, double-click the suffix o=example.com.

    3. Click Replication.

  4. In the list of defined agreements, select the replication agreement corresponding to DirectoryServer-2, the consumer you want to initialize.

  5. Click Action > Initialize remote replica.

    A confirmation message warns you that any information already stored in the replica on the consumer will be removed.

  6. In the Confirmation dialog, click Yes.

    Online consumer initialization begins immediately. The icon of the replication agreement shows a red gear to indicate the status of the initialization process.

  7. Click Refresh > Continuous Refresh to follow the status of the consumer initialization.

    Any messages for the highlighted agreement will appear in the text box below the list.

  8. Verify that replication is working properly.

    1. Log in to both Directory Server hosts as a root user, and start both Directory Server consoles.

    2. Log in to each Directory Server console.

    3. In each Directory Server console, enable the audit log on both Directory Server instances.

      Go to Configuration > Logs > Audit Log. Check Enable Logging, and then click Save.

    4. In separate terminal windows, use the tail -f command to watch the audit log files change.

    5. On DirectoryServer-1, in the Directory Server console, create a new user entry.

      • Go to the Directory tab, and right-click the suffix o=example.com. Then click New > Group.

        Name the new group People, and then click OK.

      • Click People, and then right-click to choose New > User.

      • In the Create New User dialog, enter a first name and last name, and then click OK.

      Note that the user entry is created in the instance audit log. Check to be sure the same entry is also created on DirectoryServer-2 in the Directory Server instance audit log.

    6. On DirectoryServer-2, in the Directory Server console, create a new user entry.

      • Go to the Directory tab, and right-click the suffix o=example.com. Click People, and then right-click to choose New > User.

      • In the Create New User dialog, enter a first name and last name, and then click OK.

        Note that the user entry is created in the instance audit log. Check to be sure the same entry is also created on DirectoryServer-1 in the Directory Server instance audit log.

    7. Delete both new user entries in the Directory Server 2 console.

      Look in the Directory Server 1 console to verify that both users have been deleted.
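
The audit-log comparison in step 8 can also be done mechanically. The following is an added example, not part of the original procedure: it compares the add and delete records in two audit logs and reports any change that reached only one replica. It assumes the audit log is written as LDIF change records (time, dn, changetype) separated by blank lines; the DNs and timestamps are constructed sample data.

```python
import re

def normalize_dn(dn):
    """Lower-case a DN and drop whitespace around ',' and '=' so replicas compare equal."""
    parts = [re.sub(r"\s*=\s*", "=", rdn.strip(), count=1) for rdn in dn.split(",")]
    return ",".join(parts).lower()

def parse_audit_log(text):
    """Return [(changetype, dn), ...] from LDIF-style audit records (assumed format)."""
    text = re.sub(r"\r?\n ", "", text)  # unfold LDIF continuation lines
    changes = []
    for record in re.split(r"\n\s*\n", text.strip()):
        fields = {}
        for line in record.splitlines():
            key, sep, value = line.partition(":")
            key = key.strip().lower()
            if sep and key in ("dn", "changetype") and key not in fields:
                fields[key] = value.strip()
        if len(fields) == 2:
            changes.append((fields["changetype"].lower(), normalize_dn(fields["dn"])))
    return changes

def replication_gaps(ds1_log, ds2_log):
    """List changes recorded on one replica that never appear on the other."""
    ds1, ds2 = parse_audit_log(ds1_log), parse_audit_log(ds2_log)
    return {
        "missing_on_ds1": [c for c in ds2 if c not in ds1],
        "missing_on_ds2": [c for c in ds1 if c not in ds2],
    }

# Constructed sample logs: DirectoryServer-1 never received the second delete
# from step 7, which is the failure this check is meant to surface.
DS1_LOG = "\n\n".join([
    "time: 20060101101500\ndn: uid=jdoe,cn=People,o=example.com\nchangetype: add\nuid: jdoe",
    "time: 20060101101800\ndn: uid=asmith,cn=People,o=example.com\nchangetype: add\nuid: asmith",
    "time: 20060101102000\ndn: uid=jdoe,cn=People,o=example.com\nchangetype: delete",
])
DS2_LOG = "\n\n".join([
    "time: 20060101101501\ndn: uid=jdoe, cn=People, o=example.com\nchangetype: add\nuid: jdoe",
    "time: 20060101101800\ndn: uid=asmith,cn=People,o=example.com\nchangetype: add\nuid: asmith",
    "time: 20060101102000\ndn: uid=jdoe,cn=People,o=example.com\nchangetype: delete",
    "time: 20060101102005\ndn: UID=asmith,cn=People,o=example.com\nchangetype: delete",
])

if __name__ == "__main__":
    print(replication_gaps(DS1_LOG, DS2_LOG))
```

An empty list on both sides means every recorded change appears in both logs; any entry left over names the change and the replica that did not receive it.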