Friday, March 11, 2011

Sun DS with OpenSSO schema - Highly Available Connections


In a highly available setup, it is recommended that each OpenSSO server connect to a dedicated Sun Directory Server as its Data Store. The other Directory Server is configured as the secondary server (dotted lines). This ideal setup will yield better performance.



How do we achieve that in OpenSSO/OpenAM via the AM Console?



The above setup is wrong. It means both OpenSSO servers will always connect to LDAP1, and only when LDAP1 is down will both of them redirect to LDAP2.


This is not what we want to achieve. We want the setup to be both highly available and efficient (i.e. with good performance).


So, we need to make use of the entry format: LDAP server host name:port | server_ID | site_ID.


The problem is: how do we know the values of server_ID and site_ID?



As usual, I whack the OpenDS directly. The configuration data for the above screen is stored in ou=iPlanetAMPlatformService.


The configuration for Site is stored in ou=com-sun-identity-sites.



The configuration for Servers is stored in ou=com-sun-identity-servers.




So, the configuration should be as follows:



Nice!
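
A sketch of what the server_ID and site_ID tags change, as an added example that is not from the original post or from OpenSSO's own code. It assumes a server tries entries tagged with its own server_ID first, then entries tagged with its site_ID, then everything else; the host names and the IDs 01 and 02 are constructed.

```python
# Added example: models the order in which one OpenSSO server would try the
# data store's LDAP servers. Host names and IDs are constructed sample values.

def parse_entry(entry):
    """Split 'host:port|server_ID|site_ID' into its parts; both IDs are optional."""
    parts = [p.strip() for p in entry.split("|")]
    if not parts[0] or len(parts) > 3:
        raise ValueError(f"bad LDAP server entry: {entry!r}")
    host, _, port = parts[0].partition(":")
    if port and not port.isdigit():
        raise ValueError(f"bad port in entry: {entry!r}")
    parts += [""] * (3 - len(parts))
    return {
        "host": host,
        "port": int(port or 389),          # default LDAP port when omitted
        "server_id": parts[1] or None,
        "site_id": parts[2] or None,
    }


def connection_order(entries, local_server_id, local_site_id=None):
    """Assumed precedence: server_ID match, then site_ID match, then the rest.

    sorted() is stable, so the configured order is kept inside each tier.
    """
    def tier(e):
        if e["server_id"] and e["server_id"] == local_server_id:
            return 0
        if e["site_id"] and e["site_id"] == local_site_id:
            return 1
        return 2

    parsed = [parse_entry(e) for e in entries]
    return [f'{e["host"]}:{e["port"]}' for e in sorted(parsed, key=tier)]


# Untagged list: every OpenSSO server sees the same order (the "wrong" setup).
UNTAGGED = ["ldap1.example.com:389", "ldap2.example.com:389"]
# Tagged list: each directory is pinned to one OpenSSO server ID.
TAGGED = ["ldap1.example.com:389|01", "ldap2.example.com:389|02"]

if __name__ == "__main__":
    for sid in ("01", "02"):
        print("server", sid, "untagged:", connection_order(UNTAGGED, sid))
        print("server", sid, "tagged:  ", connection_order(TAGGED, sid))
```

With the untagged list both servers start at ldap1; with the tagged list server 02 starts at ldap2 and keeps ldap1 as its fallback.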
