After switching Disaster Recovery site

book

Article ID: 6856

calendar_today

Updated On:

Products

CA Virtual Privilege Manager CA Privileged Identity Management Endpoint (PIM) CA Privileged Access Manager (PAM)

Issue/Introduction

Customer configured Disaster Recovery Environment along with "How to Install a Disaster Recovery Deployment" in Implimentation Guide.

https://docops.ca.com/ca-privileged-identity-manager/12-9-02/EN/implementing/disaster-recovery-overview/how-to-install-a-disaster-recovery-deployment 

 

But it cannot work check-in/checkout after switch to Disaster Recovery(DR) machine. 

Following error message in server.log:

2017-04-06 17:26:54,272 INFO [com.ca.ppm.connectivity.util.SendJCSMsgToTibcoQueue] retrieve JCS password message body:SSL=no 

 RESPONSE_CODE=-1 

 RESPONSE_MSG=cannot find jcs for host:'DisasterRecovery Server name' 

And also, PROXY Server is configured to Production Server on Disaster Recovery Server.

 

Cause

all record in CentralDB is duplicate from Production Server as replication from the machine.

So, Java Connector server on DisaterRecovery Server does not register on this node. 

 

Environment

In test environment:OS: Windows 2012 R2Product: CA Privileged Identity Manager for SAM r12.9 SP1 CentralDB: MS SQLServer Userstore: Embedded

Resolution

Please change following configuration to use Enterprise Management Console on DisasterRecovery server.

 

1. JCS register again: 

 please register following steps:

  1-1. open command prompt

  1-2. moving PIM's folder

    Ex. cd /d "C:\Program Files\CA\AccessControlServer\APMS\AccessControl\bin" 

  1-3. Set JAVA_HOME

    Ex. set JAVA_HOME=C:\jdk1.8.0 

  1-4. JCS register again

    Ex. ComponentRegistration.exe -comp jcs -register -userDN "cn=root,dc=etasa" -serverDN "dc=im,dc=etasa" -pwd Communication Password -port 20411 -ssl yes -file "Full path of the log file" -verbose 

 

2. PROXY configuration change. automatically add DR side. 

 

3. change Base URL to DR node.

  3-1. login SystemManager to Enterprise Management Console

  3-2. select System > Coniguration > UI settings

  3-3. Edit Base URL from Production Server name to DisasterRecovery Server name.