Promoting a Secondary Authentication Manager to Primary

If the Primary Authentication Manager is down due to a system failure, you can use the steps in this section to resume authentication services by promoting a Secondary Authentication Manager to Primary. These steps can also be used if a Primary system needs to be taken offline for some reason, such as for maintenance.

NOTE: These steps require that you have installed the Access Authenticator Authentication Manager and Data Services on both a Primary and Secondary system, and initiated replication of the Primary on the Secondary (see Installing the Authentication Manager and Data Services).

Promoting a Manager to Primary on Windows

  1. If the Primary system has crashed, and the purposes of promotion are for recovery, skip to step 2. If the Primary database needs to be taken offline, on the system running the Primary database, stop the service HSAccessAuthenticatorDB.
  2. Login to the system running a/the Secondary Authentication Manager. (You will need to know its IP address.)
  3. Run the following command in C:\Program Files\Help Systems\Access Authenticator:
    standby2master

    This command sets postgres to stop replicating data and become the Primary Manager.

  4. Run the following command in C:\Program Files\Help Systems\Access Authenticator\consul:
    set_ds_primary -ip current ip -port discovery port
    NOTE: The default discovery port is 8500.

    This command sets some internal variables that tells Access Authenticator where the new postgres master (Primary) is located.

  5. Start the service 'HSAccessAuthenticatorDB' on the new Primary system.
  6. If one or more additional Secondary installations are available, they need to be instructed to begin replicating from the new Primary system. Login to those systems and run the following command (in C:\Program Files\Help Systems\Access Authenticator): 
    switchmaster new Primary system ip

    If no additional Secondary system is available, you can install the Authentication Manager and Data Services (as described in Installing the Authentication Manager and Data Services) on one or more Secondary systems, and run master2standby, to restore failover/recovery capability.
    Next, the new Primary system needs to be identified in Insite.

  7. Open Insite and select Access Authenticator from the Navigation Pane, then choose Managers.
  8. Click the system that was just promoted to Primary (it will still be listed as a Backup). The Edit Managers screen appears.
  9. Set Primary to On.
  10. Click Save.

Promoting a Manager to Primary on Linux

  1. If the Primary system has crashed, and the purposes of promotion are for recovery, skip to step 2. If the Primary database needs to be taken offline, on the system running the Primary database, stop the service 'HelpSystemsAccessAuthenticatorDatabase'.
  2. Login to the system running a/the Secondary Authentication Manager. (You will need to know its IP address.)
  3. Run the following command in opt\helpsystems\AccessAuthenticator:
    standby2master

    This command sets postgres to stop replicating data and become the Primary Manager.

  4. Run the following command in opt\helpsystems\AccessAuthenticator\consul:
    set_ds_primary -ip current ip -port discovery port
    NOTE: The default discovery port is 8500.

    This command sets some internal variables that tells Access Authenticator where the new postgres master (Primary) is located.

  5. Start the service 'HelpSystemsAccessAuthenticatorDatabase' on the new Primary system.

  6. Start the service 'HelpSystemsAccessAuthenticatorManager' on the new Primary system.

  7. If one or more additional Secondary installations are available, they need to be instructed to begin replicating from the new Primary system. Login to those systems and run the following command (in opt\helpsystems\AccessAuthenticator): 
    switchmaster new Primary system ip

    If no additional Secondary system is available, you can install the Authentication Manager and Data Services (as described in Installing the Authentication Manager and Data Services) on one or more Secondary systems, and run master2standby, to restore failover/recovery capability.
    Next, the new Primary system needs to be identified in Insite.

  8. Open Insite and select Access Authenticator from the Navigation Pane, then choose Managers.
  9. Click the system that was just promoted to Primary (it will still be listed as a Backup). The Edit Managers screen appears.
  10. Set Primary to On.
  11. Click Save.

 

Copyright © HelpSystems, LLC.
All trademarks and registered trademarks are the property of their respective owners.
1.3 | 201807251235 | July, 2018