Symantec VIP Enterprise Gateway User store Bind User password change impact on validations when there are multiple VIP EGs in the environment.

You have the option to configure VIP Enterprise Gateway with multiple different user stores, allowing for two-factor authentication across various enterprise services. However, if the password of the AD/LDAP Bind user changes, user validations will start to fail. In an environment with multiple Enterprise Gateways, there are two solutions for updating the password:

Solution 1:

Update the AD/LDAP bind user password individually in each Gateway. When the password is updated in Gateway-1, the other Gateways will continue to experience failures until the password is updated in all of them. If the Gateways are load balanced, you can temporarily remove each Gateway from rotation one by one, update the password, and repeat the process for the remaining Gateways. Once updated, you can add the Gateways back into rotation.

Solution 2:

Set up a new Service Account for the Binding user. This allows you to update each Gateway's password one at a time, ensuring that transactions are not affected. After completing the updates, you can safely delete the old account.