18.2 Registering a New Server

You must register a new server in an existing Advanced Authentication site.

After you create a Global Master (in the primary site) or a DB Master (in the secondary site), you must deploy DB servers for database backup. For this, you must register a new server or a Web server.

Before registering a new site, ensure that the following requirements are met:

  • You have administrator privileges to access the Advanced Authentication Server Registrar.

  • You have installed the Advanced Authentication server appliance that has the same version as the Global Master server. Ensure that you have not configured the new server.

To deploy a new DB server or a Web server in an existing site, perform the following steps:

  1. Open the database port <Registrar_host_name>:5432 on your NAT/Firewall if you are deploying a DB server.

  2. Open the Advanced Authentication Configuration Wizard for the newly installed server: https://<New_Server_host_name>.

  3. Select Existing cluster in the first Server Mode.

  4. Click Next.

  5. Specify the server DNS hostname in My DNS hostname.

    WARNING: You must specify a DNS hostname instead of an IP address because the appliance does not support changing the IP address.

  6. Click Next.

  7. Specify a password for the LOCAL\admin account.

    You may get the error Remote host returned error: Wrong password of key file (AuError) when you are trying to deploy a DB server on previous versions of Advanced Authentication server. You must have Advanced Authentication 5.5-326 or later installed.

  8. Click Next.

    In Import database information, a message Waiting for Global Master.... is displayed.

  9. Go to the Advanced Authentication Administration portal of the Advanced Authentication Server Registrar.

  10. Click Register new server in Cluster.

  11. Specify the new server's host name in Server host.

    HINT: If the new server is behind NAT, you can forward its port 443 on a temporary basis and enter the external hostname:port. You must close the port after installation.

  12. Select one of the following servers:

    • Web Server: This server does not contain a database. A Web server responds to authentication requests and connects to the DB Master database. You need more Web servers to serve more workload. You must not deploy more than 5-6 Web servers per site.

    • DB Server: The database is used for backup and fail-over. Two DB servers can be created within a site. When the DB Master is down, a DB server responds to the database requests. When the DB Master is available again, the DB server synchronizes with the Master and the DB Master becomes the primary point of contact for database requests again. The DB server is inactive under normal circumstances.

      During the installation process, the DB server copies the database from its DB Master. Ensure that you close the Global Master port 5432.

    NOTE: The DB server also handles authentication requests in the same way as the Web server. When handling authentication requests, the DB or Web servers connect to the Master server for database-related operations.

    NOTE: If you select DB Server, you must copy the database from Global Master. Open database port <Registrar_host_name>:5432 on your NAT/Firewall. You must close the port after installation.

  13. Select the site in Add server to the site.

  14. Click Register.

  15. Go to the new server and click Next.

    WARNING: While you are registering a secondary DB server for the secondary site, wait until the secondary DB server is displayed under the Master DB server of the secondary site. Then, click Copy in Copy database.

  16. If you select DB Server, click Copy in Copy database.

    WARNING: Do not click the Next or Back button while the database copy is in progress.

    The server is automatically restarted within 60 seconds after the database completes copying from a Global Master server.

  17. If you select DB Server, go to the Advanced Authentication Server Registrar. The newly deployed server is displayed in DB servers.

    NOTE: Each DB server in the list is pinged every 5 minutes. If an issue occurs, the server is marked in red. To view the details of connectivity issues, click View log. To view the replication issues, click Conflicts.

  18. Close the database port <Registrar_host_name>:5432 on your NAT/Firewall if you have opened it.

    NOTE: You must install the new servers one at a time. Simultaneous installations may cause replication issues.
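
A post-installation check for steps 1 and 18 and the HINT in step 11, which require the temporarily opened database port 5432 and any temporary forward of port 443 to be closed again. This is an added example, not part of the product documentation: the function names are hypothetical, and the demo uses a constructed local listener in place of real hosts. Run it from a machine outside the NAT/firewall so that the result reflects what external clients can reach.

```python
import socket


def port_state(host, port, timeout=3.0):
    """Classify one TCP port by a single connect attempt."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"          # handshake completed: still exposed
    except ConnectionRefusedError:
        return "closed"            # connection actively refused
    except (socket.timeout, TimeoutError):
        return "filtered"          # no answer: packets are being dropped
    except OSError:
        return "unreachable"       # DNS failure, no route, and similar


def audit_temporary_ports(exposures, timeout=3.0):
    """Return the (label, host, port) entries that still accept connections.

    `exposures` lists every port that was opened only for the installation.
    An empty result means none of them is reachable from this machine.
    """
    return [(label, host, port) for label, host, port in exposures
            if port_state(host, port, timeout) == "open"]


if __name__ == "__main__":
    # Constructed demo: a local listener stands in for a port left open.
    # In real use, list your own hosts instead, for example the Registrar
    # on 5432 and the new server's temporarily forwarded external port.
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    port = listener.getsockname()[1]
    exposures = [("database port (stand-in for 5432)", "127.0.0.1", port)]

    print("before closing:", audit_temporary_ports(exposures, 1.0))
    listener.close()
    print("after closing: ", audit_temporary_ports(exposures, 1.0))
```

A non-empty result after step 18 means a temporary rule is still in place on the NAT/Firewall and should be removed.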