Replacing the main server in a Directory failover environment - Security Center 5.12

Security Center Administrator Guide 5.12

Product
Security Center
Content type
Guides > Administrator guides
Version
5.12
Language
English
Last updated
2024-09-13

In a Directory failover environment, when your main server is no longer adequate, you can replace one of your secondary Directory servers with a new machine, then switch the main server to that machine with minimal downtime.

Before you begin

  • If you have a single Directory system, read Replacing the main server, instead.
  • Have your System ID and password ready.

    Your system ID and password are specified in the Security Center License Information document. Our Customer Service team sends you this document when you purchase the product.

What you should know

This server migration scenario works with the following assumptions:
  • None of your existing Directory servers is adequate to assume the role the main server in the long run.
  • You have an adequate new machine ready to replace the old main server.
  • All your Directory servers are up and running.
  • You do not intend to increase the number of Directory servers in your system. Therefore, you do not need to update your current license.
NOTE: There is a brief system downtime when all roles and applications switch from the old main server to the new one. So pick the right time to perform this operation.

Procedure

  1. Install Security Center on the new machine using the Expansion server configuration and connect it to the main server.
    The new machine is now part of your system as an expansion server.
  2. Log on to your system with Config Tool.
  3. If there are roles other than the Directory role hosted on the main server, move them to the new server.
    You need to do this if you intend to decommission your old main server at the end of this operation. To see which roles are running on the main server:
    1. Open the Network view task.
    2. Select the main server () and click the Identity tab.
    3. In the Relationships tree, expand the Roles node.
  4. Open the System task and click the Roles view.
  5. Select the Directory Manager () role, and then click the Directory servers tab.
  6. Select a server that is not your main server, and click Remove the item ().
    This is only temporary so you do not exceed the number of Directory servers permitted by your license.
  7. Click Add an item (), select the server you just added, and click Add.
  8. Reactivate your Security Center license with the new list of Directory servers from Config Tool.
  9. Select the new server, click Activate Directory () and then click Apply.
    The new server is now your main server. This causes a brief disruption to your system as all roles and client applications must disconnect from the old server and connect to the new one.
  10. Select the old main server and click Remove the item ().
  11. Click Add an item (), select the server you temporarily removed from the Directory failover list, and click Add.
  12. Reactivate your Security Center license one more time for the new list of Directory servers from Config Tool.
    The old main server is now running as a regular expansion server.
  13. (Optional) Decommission your old main server.
    1. Open the Network view task, and confirm that all your expansion servers are online ().
    2. Select the old main server and click Delete () and Delete.
      No role should be running on the old main server, otherwise the deletion would fail.
      Tip: The list of roles should be empty in the Identity tab.
    3. Uninstall Security Center from your old server.

After you finish

Notify your users with the DNS name or IP address of your new main server.