IdP Versions Affected: ALL
Filesync Version Affected: 4.1.5.6
Description: During the initial FileSync Installation, the Primary and Secondary servers were set. Now you want to change which server is the Primary and which server will be the Secondary.
Resolution:
1) Go into the Registry Editor on the servers you want to make the Primary and Secondary switch on. Local Machine-->Software-->SecureAuth-->FileSync.
2)This setting here will have information about your FileSync setup. We can see that the NodeType is set to SECONDARY. Simply double click the NodeType, and change it to PRIMARY. Now on the Primary server, go into the same directory, but this time change the NodeType to SECONDARY. On the original Secondary server, you may have noticed that there is an extra string value that the Primary server does not have which is the InitialWCFCert.
3) On the new primary server, double click the ClusterMasterID and set it to the new primary servers NodeID, on the old Primary and all Secondary servers, edit the ClusterMasterID and set it to the new primary server's ClusterMasterID or NodeID, these should be the same on the NEW Primary node in the cluster.
4) On the new secondary server, right click the "FileSync" on the folder tab and click "new" and click on StringValue. Name it InitialWCFCert and add your certificate serial number in the value. The value of this item should be the licensing certificate serial number from the primary server. This will create the InitialWCFCert needed for the new secondary server. This will complete the steps required on the Registry Editor.
5) Now we need to swap the Appliance_Sync folder on both servers. Simply go to your D drive--> MFCApp_Bin and copy the Appliance_Sync folder directory and make a backup. Now swap these folders between the two servers.
6) Go to D:\SecureAuth\SecureAuth0\Servers.list and update the IP in the file. Your new primary server should have its own IP in this folder, and your new secondary server should have the primary IP in this folder.
7) Restart the FileSync service, let it run for several minutes then review the Application Event Viewer to ensure syncing is happening without errors.
SecureAuth Knowledge Base Articles provide information based on specific use cases and may not apply to all appliances or configurations. Be advised that these instructions could cause harm to the environment if not followed correctly or if they do not apply to the current use case.
Customers are responsible for their own due diligence prior to utilizing this information and agree that SecureAuth is not liable for any issues caused by misconfiguration directly or indirectly related to SecureAuth products.
Comments
Please sign in to leave a comment.