SiteMinder Disaster Recovery using Load Balancer
search cancel

SiteMinder Disaster Recovery using Load Balancer

book

Article ID: 259651

calendar_today

Updated On:

Products

SITEMINDER CA Single Sign On Agents (SiteMinder) CA Single Sign On Federation (SiteMinder) CA Single Sign On Secure Proxy Server (SiteMinder)

Issue/Introduction


Running two different environments in two different sites. How to leverage on the two sites for disaster recovery for each other?

 

Resolution

 
Yes, that is possible.
 
  {LoadBalancer} ---+----> ENV1/ENV2 DR
    |          ^
    |  replication of stores
    |          v
    +----> ENV2/ENV1 DR
 
The replication is not done by SiteMinder but at the Store level (such as the Policy Store, Key Store, Session Store and User Store), so it would be transparent to SiteMinder.
 
Nonetheless, you may want to cut over to DR completely with assurance the DR will be functional so they break the replication and do it manually (via scheduled task) at regular interval (running "xpsexport -xb %date-policystore.xml" command on a daily basis).
 
That is to cover the use case where the Policy Store corruption is causing the outage.
 
If the Policy Store is replicated, then the corrupted data will also be present in the DR which breaks DR functionality.
 
Realtime replication is the most used but manual replication is also not rare.
 
Powered by Wolken Software