7.6 Restoring Operations When a Global Master Server is Broken

When a GMS (Global Master server) breaks, restore it from backup or a snapshot. If this does not work, perform the following steps to convert an existing DB server from the same site as GMS to a new GMS and deploy a new DB server.

WARNING:It is recommended that you prepare a snapshot of the DB server which you are going to convert, to ensure that you have a backup in a scenario where the conversion fails. Conversion is a risky operation and can be performed only if you do not have the snapshots to which you can revert the broken server to.

As a pre-requisite, ensure that the GMS is turned off.

  1. Open the Advanced Authentication Administration portal on the DB server.

  2. Click Cluster.

    Wait until you see the Cluster section updated.

  3. Click Failover.

  4. Open database port 5432 (TCP/UDP) on your NAT/Firewall for a time of conversion.

  5. Click Convert to Global Master.

  6. Click OK.

  7. When you see Cluster again, close the database port.

  8. If you have been using the RADIUS server, you must reconfigure the settings.

    1. In the Administration portal, click Events and edit the RADIUS Server event.

    2. Check the configuration including the Clients section.

    3. Click Save to reconfigure the RADIUS server.

  9. Update the DNS so that the DNS name of the lost GMS resolves the IP address of the server being converted.

    IMPORTANT:Do not change the IP addresses of working servers.

  10. Update the load balancer configuration if required.

  11. Install a new server with an ISO file of the same version as on the new GMS and configure a new DB server instead of the converted one.

    NOTE:If you have two DB servers in the site, you must reinstall the second DB server to get the latest database.

    WARNING:Do not use the previously used IP address and DNS name for the new Advanced Authentication server.

  12. Log in to the Administration portal on Web servers. If you are not able to log in, reboot the Web servers. If you are still unable to log in, redeploy the Web servers.

    NOTE:The new Global Master Server is displayed with the name of the old Global Master server on the Cluster tab. You cannot change the name of the new Global Master server, because a conversion to Global Master is just a replacement of physical server.