Directory database failover - Security Center 5.8

Security Center Administrator Guide 5.8

series
Security Center 5.8
revised_modified
2020-08-17

You can fail over the Directory database using either the backup and restore failover mode or the mirroring failover mode.

Three database failover modes are supported for the Directory:
Backup and restore
The Directory Manager protects the Directory database by regularly backing up the master database instance (source copy). During a failover, the latest backups are restored to the backup database that’s next in line. Two schedules can be defined: one for full backups, and another for differential backups.
Mirroring
Database failover is taken care of by Microsoft SQL Server and is transparent to Security Center. The Principal and Mirror instances of the Directory database are kept in sync at all times. There is no loss of data during failover.
SQL AlwaysOn
Use this failover mode if you are using the Windows feature SQL AlwaysOn as your high availability and disaster recovery solution.

Limitations of the backup and restore failover mode

  • To preserve the changes made to your system configuration while you were operating from the backup database, you must restore the latest contingency backup (created in the ContingencyBackups subfolder under the restore folder) to your master database after reactivating it.
  • To avoid losing the configuration changes made while you were operating from the backup database, you can change the backup database as your master database. To do this, select it from the database failover list to move it to the top of the list. However, keep in mind that your backup database is only as up to date as the most recent backup before the failover took place.

Differences between the backup and restore mode and the mirroring mode

The following table compares the differences between the two database failover modes.

Backup and restore (Directory Manager) Mirroring (Microsoft SQL Server)
Multiple backup instances of the Directory database are kept relatively in sync with its master instance through regular backups performed by the Directory Manager role. A single copy (the mirror instance) of the Directory database is kept perfectly in sync with the master copy (or principal instance) using SQL Server database mirroring.
The failover database can only be as up to date as the most recent backup. The failover database is an exact copy of the principal database.
Changes made while the Directory is connected to the backup database are lost when the Directory switches back to the master database. Changes can be made to the Directory database at any time without ever losing data.
Both master and backup databases must be hosted on Security Center servers. The principal and mirror database instances can be hosted on any computer.
Can work with SQL Server Express edition which is free. Requires SQL Server 2008 Standard Edition or better, that supports mirroring.
Recommended when the entity configurations are not frequently updated. Recommended when entity configurations are frequently updated, such as for cardholder and visitor management.
Causes a temporary disconnection of all client applications and roles while the database failover is in progress. Causes the Directory to restart if the principal server is unavailable for longer than a few seconds.
Database failover is handled by the Directory Manager role. Database failover is executed by a separate Witness server running on SQL Server Express (optional but highly recommended) or it has to be manually detected and executed by the database administrator.