Configuring high availability in ADSelfService Plus
ADSelfService Plus utilizes automatic failover to support high availability in case of system and product failures. Essentially, this means that when the ADSelfService Plus service on one machine fails, another instance of ADSelfService Plus running on another machine automatically takes over. This ensures end users get uninterrupted access to the products' features such as self-service password management and single sign-on.
Before configuring high availability in ADSelfService Plus, ensure that the following conditions are satisfied.
Condition 1: ADSelfService Plus must be downloaded and installed in two separate machines.
If you already have ADSelfService Plus, update your installation to the latest build, and ensure that you download and install the latest version of ADSelfService Plus in the second machine as well.
Condition 2: Both the instances should,
- Run as a service.
- Have the same build architecture (32-bit or 64-bit) and build number.
- Be connected to the same domain and network.
- Have the AD domains configured using a service account with Domain Admin privileges. Note that Domain Admin privileges are only mandatory during the initial setup of high availability. Once high availability has been configured, the service account can be changed to one with lesser privileges based on other features configured.
- Have uninterrupted sharing of the installation directory folder between the primary and secondary instances.
Condition 3: The virtual IP address must lie in the same IP range as that of the primary and standby servers.
Note: A virtual IP address is an unused static IP address that will be used to access both the primary and secondary instances.
To find an unused static IP address, open command prompt and try to ping any random IP. If it throws a request timed out error, the IP is unused and can be used as the virtual IP address.
Once high availability has been configured, this virtual IP address will be used to access ADSelfService Plus.
Condition 4: High availability can only be implemented if the Failover and Secure Gateway Services add-on has been purchased. Visit our store to purchase the add-on.
Important: It is recommended that an external database server (supported databases are
PostgreSQL and Microsoft SQL) is used for better high availability in ADSelfService Plus.
Using the built-in PostgreSQL database could lead to database connectivity failure when
the primary server fails, rendering the product non-functional.
Configuration steps
1. Log into ADSelfService Plus.
2. Go to Admin → Enterprise Essentials → High Availability.
3. Select Enable High Availability.
4. In the Primary Server section, the URL of the ADSelfService Plus server you are currently accessing (i.e., the primary server) will be auto-filled.
5. In the Standby Server section, enter the URL of the ADSelfService Plus standby server.
6. In the Credentials section enter the Admin Username and the Password of a super admin user in the ADSelfService Plus standby server.
Note: Super admins are users who have been given full control over the entire product.
7. In the Virtual IP section, enter:
i. A single IP with which you can access both the primary and standby servers. When the product is accessed using this IP, the data is routed directly through the server that is active at that particular time.
ii. The Virtual Host Name.
Note: A virtual host name is the alias given to the virtual IP.
8. Click Save.
9. To enable high availability, you will need to restart the primary server first and then restart the standby server.
Important: Once high availability is enabled, you must:
Update the access URL with the virtual IP address value.
Add the virtual IP address value in Admin Login page IP restriction list (if it is enabled). You can find that option by navigating to the Admin tab → Logon Settings → General.
Disabling High Availability
High availability can be disabled only from the standby server. To do this:
- Shutdown the primary server.
- Access ADSelfService Plus. This will automatically route you to the standby server.
- Go to the High Availability settings under the Admin tab and uncheck the option Enable High Availability.
- Click Save.
- Restart the standby server, and then the primary server.
New to ADSelfService Plus?
Related Articles
How to configure high availability in Azure using a load balancer
ManageEngine ADSelfService Plus provides a high availability feature to ensure uninterrupted access to the product even for system and product failures. With high availability, when the ADSelfService Plus service on one machine fails, another ...How to migrate the ADSelfService Plus installation from one machine to another
Description This article will guide you through the process for migrating the ADSelfService Plus installation from one machine to another. Important: Before you start the migration process, please update your ADSelfService Plus installation to the ...Encryption and data storage in ADSelfService Plus database
Encryption in the ADSelfService Plus database ADSelfService Plus' database uses the following encryption methods to store sensitive data: Database Encryption method PostgreSQL AES-256-CBC Microsoft SQL AES-256-CBC The following sensitive information ...ADSelfService Plus product startup issues
What do you need to know before troubleshooting You need to have administrator access to ADSelfService Plus. When you experience an error with ADSelfService Plus, check if these prerequisites are satisfied: Install ADSelfService Plus as a service ...How to configure custom SMS provider in ADSelfService Plus?
ADSelfService Plus lets you use any one of the following methods to send an SMS: GSM modem Clickatell (built-in support) Custom SMS gateway Configuring custom SMS gateway You can configure a custom SMS gateway to send notifications and verification ...