How to configure Endpoint Protection Manager to connect to SQL server with MultiSubnetFailover

book

Article ID: 169735

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

"AlwaysOn Availability Groups" were added to SQL client support in .NET Framework 4.5 for high-availability disaster recovery. This included the "MultiSubnetFailover" SQL client connection option. Is this supported in Symantec Endpoint Protection Manager (SEPM) and its connection to a SQL database?

References

SqlClient Support for High Availability, Disaster Recovery
 
SQL Server Multi-Subnet Clustering (SQL Server)

JDBC Driver Support for High Availability, Disaster Recovery
 

Resolution

A SEPM will always try to reconnect to SQL if an issue is encountered. SEPM can support using "multiSubnetFailover=true" in the SQL connection string but this option must be manually inserted into the JDBC URL in [SEPM]\tomcat\conf\Catalina\localhost\ROOT.xml. Note that administrative rights are required to edit SEPM configuration files.

Restart the SEPM services after adding "multiSubnetFailover=true" into the JDBC URL.

Sample ROOT.xml with multiSubnetFailover option inserted:

<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<Context antiJARLocking="false" antiResourceLocking="false" crossContext="true" privileged="true" reloadable="false">
  <Resource auth="Container" driverClassName="com.microsoft.sqlserver.jdbc.SQLServerDriver" factory="com.sygate.scm.pool.ScmDataSourceFactory" maxActive="150" maxIdle="50" maxWait="30000" mssqlSocketReadTimeout="1800" name="jdbc/metadatabase" password="{V01.EN_US}D3AAA92FC2A700302B6A6CFADAD50285" removeAbandoned="true" type="javax.sql.DataSource" url="jdbc:sqlserver://juliet:1433;instanceName=sql;databaseName=sem5;multiSubnetFailover=true;integratedSecurity=false;encrypt=true;trustServerCertificate=true" username="sem5" validationQuery="SELECT count(*) FROM CONNECTION_TEST" validationQueryTimeout="60"/>
</Context>