CA Identity Manager User Directory failover
search cancel

CA Identity Manager User Directory failover


Article ID: 106094


Updated On:


CA Identity Manager CA Identity Governance CA Identity Portal


How to have the User Store for CA Identity Manager set to failover on a secondary LDAP store. When the primary LDAP goes down, CA Identity Manager does not failover to the secondary LDAP. What is the best way to solve or overcome this?


Component: IDMGR


CA Identity Manager failover for user stores do not handle switching over to a secondary LDAP fast enough even when both LDAP stores are correctly defined in the Directory.xml file. The best way to overcome this is to set the DSA router to point to the primary and secondary DSA through CA Directory. This will handle failover correctly and will not have any impact when the primary goes down. To correctly set this up, please follow this doc:

Failover is the ability of a router DSA to continue to service queries even when a data DSA becomes unavailable. If the router detects that a DSA has failed, it resends outstanding requests to another DSA that serves the same partition, making the failure invisible to clients.During normal operation, the standby DSA is kept synchronized with the primary data DSA in case it is needed. Failover is important for systems requiring high availability and reliability.