| Skip Navigation Links | |
| Exit Print View | |
|
Oracle Identity Synchronization for Windows 6.0 Deployment Planning Guide |
| Skip Navigation Links | |
| Exit Print View | |
|
|
Oracle Identity Synchronization for Windows 6.0 Deployment Planning Guide |
2. Case Study: Deploying in a Multimaster Replication Environment
3. Case Study: Deploying in a High-Availability Environment Over a Wide Area Network Using SSL
Global Telco Deployment Information
Installation and Configuration Overview
Primary and Secondary Installations
Periodically Linking New Users
Large Deployment Considerations
Aligning Primary and Failover Configurations
Setting Multiple Passwords for uid=PSWConnector
Initial idsync resync Operation
Initial idsync resync Operation for Primary Installation
Initial idsync resync Operation for Failover Installation
Periodic idsync resync Operations
Periodic idsync resync Operation for Primary Installation
Periodic idsync resync Operation for Failover Installation
Understanding the Failover Process
Initializing the Connector State
Failover Installation Maintenance
Stopping Synchronization at the Primary Installation
Starting Synchronization at the Failover Installation
Re-enabling the Directory Server Plugins
Changing the PDC FSMO Role Owner
Failing Back to the Primary installation
A. Pluggable Authentication Modules
B. Identity Manager and Identity Synchronization for Windows Cohabitation
By default each Directory Server and Active Directory connector uses four worker threads to apply changes. This value is increased in the Global Telco deployment to improve the connector performance, especially during idsync resync operations. The number of connector threads is stored in the configuration directory in the pswNumOutboundConnectorThreads attribute, present in the pswSunDirectoryGlobals and in the pswActiveDirectoryGlobals entries. Before manually editing the configuration, all Identity Synchronization for Windows consoles must be closed.
To find the pswSunDirectoryGlobals entry, the following command is used:
bash-2.05# ./ldapsearch -b "ou=identitysynchronization,ou=services, dc=gt,dc=com" -D "cn=Directory Manager" -w <omitted password\> "(&(objectclass=pswSunDirectoryGlobals) (pswversion\>=0))" pswNumOutboundConnectorThreads dn: cn=136,ou=Sun,ou=Globals,cn=active[13],ou=GlobalConfig,ou=1.1, ou=IdentityS ynchronization,ou=Services,dc=gt,dc=com pswNumOutboundConnectorThreads: 4
The entry that must be modified is:
cn=136,ou=Sun,ou=Globals,cn=active[13],ou=GlobalConfig,ou=1.1, ou=IdentitySynchronization,ou=Services,dc=gt,dc=com.
To find the pswActiveDirectoryGlobals entry, the following command is used:
bash-2.05# ./ldapsearch -b "ou=identitysynchronization,ou=services,
dc=gt,dc=com" -D "cn=Directory Manager" -w <omittied password\>
"(&(objectclass=pswActiveDirectoryGlobals)(pswversion\>=0))"
pswNumOutboundConnectorThreads dn: cn=110,ou=ActiveDirectory,ou=Globals,cn=active[13],
ou=GlobalConfig, ou=1.1,
ou=IdentitySynchronization,ou=Services,dc=gt,dc=com
pswNumOutboundConnectorThreads: 4
The entry that must be modified is:
cn=110,ou=ActiveDirectory,ou=Globals, cn=active[13],ou=GlobalConfig,ou=1.1, ou=IdentitySynchronization,ou=Services,dc=gt,dc=com.
These two entries are modified to increase the number of threads to a maximum of 20:
bash-2.05# ./ldapmodify -D "cn=Directory Manager" -w <omitted password\>
dn: cn=136,ou=Sun,ou=Globals,cn=active[13],ou=GlobalConfig,ou=1.1,
ou=IdentitySynchronization,
ou=Services,dc=gt,dc=com
changetype: modify
replace: pswNumOutboundConnectorThreads
pswNumOutboundConnectorThreads: 20
modifying entry cn=136,ou=Sun,ou=Globals,cn=active[13],ou=GlobalConfig, ou=1.1,
ou=IdentitySynchronization,ou=Services,dc=gt,dc=com
dn: cn=110,ou=ActiveDirectory,ou=Globals,cn=active[13],ou=GlobalConfig, ou=1.1,
ou=IdentitySynchronization,ou=Services,dc=gt,dc=com
changetype: modify
replace: pswNumOutboundConnectorThreads
pswNumOutboundConnectorThreads: 20
modifying entry cn=110,ou=ActiveDirectory,ou=Globals,cn=active[13],
ou=GlobalConfig,ou=1.1,ou=IdentitySynchronization,ou=Services,dc=gt,dc=com
After these values are changed, the Identity Synchronization for Windows daemon on the Core machine is restarted to notify the System Manager to pick up the new configuration.
|