18.1 Registering a New Site

You must register a new site to deploy Advanced Authentication in a new geographical location. For example, a cluster has a single site A. To deploy an Advanced Authentication server at site B, you must register a new Advanced Authentication site. When you register the new site, you must also configure a DB Master server in that site.

Before registering a new site, ensure that the following requirements are met:

  • You have administrator privileges to access the Advanced Authentication Server Registrar.

  • You have installed an Advanced Authentication server appliance of the same version as the Global Master server. Ensure that you have not configured a DB server in the new site.

To register a new site and to deploy a DB Master server in the site, perform the following steps:

  1. Open the database port <Registrar_host_name>:5432 on your NAT/Firewall.

  2. Open the Advanced Authentication Configuration Wizard for the newly installed server: https://<New_Server_host_name>.

  3. Select Existing cluster in the first Server Mode.

  4. Click Next.

  5. Specify the server DNS hostname in My DNS hostname.

    WARNING: You must specify a DNS hostname instead of an IP address because the appliance does not support changing the IP address.

  6. Click Next.

  7. Specify a password for the LOCAL\admin account.

  8. Disable Copy DB over network to skip copying the database if you are experiencing network issues or there is a slow connection between the new site and the master site. Later, you can copy the database using the following methods:

    NOTE:

    • Copying the database using the Copy DB command reduces the chances of replication conflicts. It is better to copy the database using the Copy DB command at a time of lowest user activity. If users authenticate after you create the .cpt file, or if there are any other changes in the database (for example, new enrollments), you must resolve the replication conflicts after you import the .cpt file.

    • The database of a DB Server is inactive (unlike the database of the DB Master, it does not serve client requests), so it is recommended to perform Copy DB from a DB Server, not from the DB Master server.

  9. Click Next.

    In Import database information, a message Waiting for Global Master.... is displayed.

  10. Go to the Advanced Authentication Administration portal of the Advanced Authentication Server Registrar.

  11. Click Register new site in Cluster.

  12. Specify a host name for the new DB server of the new site in Master server host.

    HINT: If the new server is behind NAT, you can forward its port 443 on a temporary basis and specify an external hostname:port. You must close the port after installation.

  13. Specify a name of the new site in Site name.

  14. Click Register.

    After successful registration, a message Success! Continue server install is displayed.

    DB Master server is displayed in DB servers, for the newly created site. The record is marked in red.

  15. Go to the new server and click Next.

  16. Click Copy.

    The server is automatically restarted within 60 seconds after the database completes copying from a Global Master server.

  17. Go to the Advanced Authentication Server Registrar. The newly deployed server is displayed in DB servers.

    NOTE: Each of the DB servers in the list is pinged every 5 minutes. If an issue occurs, the server is marked in red. To view the details of connectivity issues, click View log. To view the replication issues, click Conflicts.

  18. Close the database port <Registrar_host_name>:5432 on your NAT/Firewall.

  19. To add LDAP servers for the new site, perform the following steps:

    1. Log in to the Administration portal on the DB Master of the new site.

    2. Click Repositories.

    3. Edit the existing repository.

    4. Add the LDAP Servers.

    5. Save the changes.

    NOTE: These changes are replicated only within a site.

NOTE:

  • You must install the new servers one at a time. Simultaneous installations may cause replication issues.

  • The inter-site replication interval is 10 seconds.
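
Steps 1 and 18 open and then close the database port <Registrar_host_name>:5432, and the hint in step 12 allows a temporary forward of port 443 that must be closed after installation. The following script is an added example, not part of the product or its documentation, that confirms from the host where it is run that those temporary openings are no longer reachable. The host names are supplied by the operator on the command line, and the script name check_ports.py is an assumption.

```python
import socket
import sys

def tcp_port_state(host, port, timeout=3.0):
    """Classify a TCP port as 'open', 'closed', 'filtered' or 'unresolved'."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"            # handshake completed: the port is exposed
    except ConnectionRefusedError:
        return "closed"              # host answered with RST: nothing is listening
    except socket.gaierror:
        return "unresolved"          # hostname did not resolve: result is inconclusive
    except OSError:
        return "filtered"            # timeout or unreachable: typically dropped by a firewall

def audit_temporary_ports(targets, timeout=3.0):
    """Return one finding per target that is still reachable or could not be checked.

    targets is a list of (label, host, port) tuples.
    """
    findings = []
    for label, host, port in targets:
        state = tcp_port_state(host, port, timeout)
        if state == "open":
            findings.append(f"{label}: {host}:{port} is still reachable, close it on the NAT/firewall")
        elif state == "unresolved":
            findings.append(f"{label}: {host} did not resolve, check not performed")
    return findings

if __name__ == "__main__":
    # Usage: python check_ports.py <Registrar_host_name> [<external_hostname> <port>]
    # Host names come from the operator; none are taken from the documentation.
    if len(sys.argv) not in (2, 4):
        sys.exit("usage: check_ports.py REGISTRAR_HOST [EXTERNAL_HOST PORT]")
    targets = [("Registrar database port", sys.argv[1], 5432)]
    if len(sys.argv) == 4:
        targets.append(("Temporary forward to new server", sys.argv[2], int(sys.argv[3])))
    problems = audit_temporary_ports(targets)
    for line in problems:
        print("FAIL", line)
    if not problems:
        print("OK: temporary ports are no longer reachable from this host")
    sys.exit(1 if problems else 0)
```

Run it from a host on the far side of the NAT/firewall (for example, at the new site), because the result only reflects reachability from where the script runs.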