Configuring high availability in ADSelfService Plus

Configuring high availability in ADSelfService Plus

ADSelfService Plus utilizes automatic failover to support high availability in case of system and product failures. Essentially, this means that when the ADSelfService Plus service on one machine fails, another instance of ADSelfService Plus running on another machine automatically takes over. This ensures end users get uninterrupted access to the products' features such as self-service password management and single sign-on.
Before configuring high availability in ADSelfService Plus, ensure that the following conditions are satisfied.

Condition 1: ADSelfService Plus must be downloaded and installed in two separate machines.
If you already have ADSelfService Plus, update your installation to the latest build, and ensure that you download and install the latest version of ADSelfService Plus in the second machine as well.

Condition 2: Both the instances should,
  1. Run as a service.
  2. Have the same build architecture (32-bit or 64-bit) and build number.
  3. Be connected to the same domain and network.
  4. Have the AD domains configured using a service account with Domain Admin privileges. Note that Domain Admin privileges are only mandatory during the initial setup of high availability. Once high availability has been configured, the service account can be changed to one with lesser privileges based on other features configured.
  5. Have uninterrupted sharing of the installation directory folder between the primary and secondary instances.
Condition 3: The virtual IP address must lie in the same IP range as that of the primary and standby servers.
Note: A virtual IP address is an unused static IP address that will be used to access both the primary and secondary instances.
To find an unused static IP address, open command prompt and try to ping any random IP. If it throws a request timed out error, the IP is unused and can be used as the virtual IP address.
Once high availability has been configured, this virtual IP address will be used to access ADSelfService Plus.

Condition 4: High availability can only be implemented if the Failover and Secure Gateway Services add-on has been purchased. Visit our store to purchase the add-on.
Important: It is recommended that an external database server (supported databases are PostgreSQL and Microsoft SQL) is used for better high availability in ADSelfService Plus. Using the built-in PostgreSQL database could lead to database connectivity failure when the primary server fails, rendering the product non-functional.

Configuration steps

      1. Log into ADSelfService Plus.
      2. Go to AdminEnterprise EssentialsHigh Availability.
      3. Select Enable High Availability.
      4. In the Primary Server section, the URL of the ADSelfService Plus server you are currently accessing (i.e., the primary server) will be auto-filled.
      5. In the Standby Server section, enter the URL of the ADSelfService Plus standby server.
      6. In the Credentials section enter the Admin Username and the Password of a super admin user in the ADSelfService Plus standby server.
Note: Super admins are users who have been given full control over the entire product.
      7. In the Virtual IP section, enter:
                  i. A single IP with which you can access both the primary and standby servers. When the product is accessed using this IP, the data is routed                               directly through the server that is active at that particular time.
                  ii. The Virtual Host Name.
Note: A virtual host name is the alias given to the virtual IP.
      8. Click Save.
high-availability-configuration

      9. To enable high availability, you will need to restart the primary server first and then restart the standby server.
Important: Once high availability is enabled, you must:
Update the access URL with the virtual IP address value.
Add the virtual IP address value in Admin Login page IP restriction list (if it is enabled). You can find that option by navigating to the Admin tabLogon SettingsGeneral.
high-availability-configuration

Disabling High Availability

High availability can be disabled only from the standby server. To do this:
  1. Shutdown the primary server.
  2. Access ADSelfService Plus. This will automatically route you to the standby server.
  3. Go to the High Availability settings under the Admin tab and uncheck the option Enable High Availability.
  4. Click Save.
  5. Restart the standby server, and then the primary server.



                  New to ADSelfService Plus?

                    • Related Articles

                    • How to configure high availability in Azure using a load balancer

                      ManageEngine ADSelfService Plus provides a high availability feature to ensure uninterrupted access to the product even for system and product failures. With high availability, when the ADSelfService Plus service on one machine fails, another ...
                    • Encryption and data storage in ADSelfService Plus database

                      Encryption in the ADSelfService Plus database ADSelfService Plus' database uses the following encryption methods to store sensitive data: Database Encryption method PostgreSQL AES-256-CBC Microsoft SQL AES-256-CBC The following sensitive information ...
                    • How to migrate the ADSelfService Plus installation from one machine to another

                      Description This article will guide you through the process for migrating the ADSelfService Plus installation from one machine to another. Important: Before you start the migration process, please update your ADSelfService Plus installation to the ...
                    • ADSelfService Plus product startup issues

                      What do you need to know before troubleshooting You need to have administrator access to ADSelfService Plus. When you experience an error with ADSelfService Plus, check if these prerequisites are satisfied: Install ADSelfService Plus as a service ...
                    • How to configure custom SMS provider in ADSelfService Plus?

                      ADSelfService Plus lets you use any one of the following methods to send an SMS: GSM modem Clickatell (built-in support) Custom SMS gateway Configuring custom SMS gateway You can configure a custom SMS gateway to send notifications and verification ...