Previous Topic: Configure a Load Balancing Enterprise Management Server for High AvailabilityNext Topic: Configure CA ControlMinder Enterprise Management with Local DMS

Implementation GuideInstalling a High Availability DeploymentHow to Configure CA ControlMinder Enterprise Management for High AvailabilityConfigure Active Directory for Failover

Configure Active Directory for Failover

If you use Active Directory as the user store, you can configure the Enterprise Management Server to work with multiple Domain Controllers. If the primary Domain Controller fails, another Domain Controller takes over and continues to service client requests.

Follow these steps:

  1. Enable the CA Identity Minder Management Console.

    You use the CA Identity Manager Management Console to configure the list of Domain Controllers in the environment.

  2. Open the CA Identity Minder Management Console.
  3. Click Directories, then select click ac-dir environment.

    The Directory Properties window appears.

  4. Click Export and save the XML file.
  5. Open the XML file for editing. Locate the <Connection host= host_name> tag. For example: 
    <Connection host="primaryDir.com" port="389">
  6. Append the string "failover" to the end of the line and specify the host name and port number of your Domain Controllers in a space separated list, then save the file. For example: 
    <Connection host="ADserver1" port="389" failover="ADserver2:389"/>
  7. In the Management Console, click Update.

    The Update Directory window opens.

  8. Enter the full pathname of the XML file that you edited, or browse for the file, then click Finish.

    Status information is displayed in the Directory Configuration Output field.

  9. Click Continue, and restart the environment.

    The Enterprise Management Server can now work with the primary and secondary Domain Controllers.