High Availability

ADSelfService Plus utilizes automatic failover to support high availability in case of system and product failures. Essentially, this means that when the ADSelfService Plus service on one machine fails, another instance of ADSelfService Plus running on another machine automatically takes over. This ensures end users get uninterrupted access to the products' features such as self-service password management and single sign-on.

Important things to consider :

To implement high availability, you have to install ADSelfService Plus on two machines
The ADSelfService Plus instance from which you configure High Availability will act as the primary server. The other instance will act as the standby server
Both the servers will use the same database. At any given time, the primary server will cater to user requests while the other will be passive.
Whenever the primary server experiences sustained downtime, the standby server becomes operational and services all requests.
You will need a virtual IP address for high availability configurations.
Your account will need to have Domain Admin privileges for the initial setup.
It is recommended that an external database server (supported databases are PostgreSQL and Microsoft SQL) is used for better high availability in ADSelfService Plus. Using the built-in PostgreSQL database could lead to database connectivity failure when the primary server fails, rendering the product non-functional.
High availability can only be implemented if the Failover & Secure Gateway Services add-on has been purchased. Visit our store to purchase Failover & Secure Gateway Services.

Prerequisites

Before configuring high availability in ADSelfService Plus, ensure that the following conditions are satisfied.

Condition 1: ADSelfService Plus must be downloaded and installed in two separate machines.

If you already have ADSelfService Plus, update your installation to the latest build, and ensure that you download and install the latest version of ADSelfService Plus in the second machine as well.

Condition 2: The ADSelfService instance in both the machines should,

Run as a service.
Have the same build architecture (32-bit or 64-bit) and build number.
Be members of the same domain, and be connected to same subnetwork.
Have the AD domains configured using a service account with Domain Admin privileges. Note that Domain Admin privileges are only mandatory during the initial setup of high availability. Once high availability has been configured, the service account can be changed to one with fewer privileges based on other features configured.
Have uninterrupted sharing of the installation directory folder between the primary and secondary instances.

Enabling high availability

Follow the steps given below to enable high availability:

Download and install ADSelfService Plus on two separate machines.

If you already have ADSelfService Plus, update it to the latest build. On the second machine, download and install the latest build.

Go to Admin → Enterprise Essentials → High Availability.
Select Enable High Availability.
In the Primary Server section, the URL of ADSelfService Plus server you are currently accessing will be autofilled
In the Standby Server section, enter the:
- URL of the ADSelfService Plus standby server.
- Username and Password of a super admin user in the ADSelfService Plus standby server.
  Note:Super administrators are users who have been given full control over the entire product.
In the Virtual IP section, enter:
- A single IP with which you can access both the primary and standby servers. When the product is accessed using this IP, the data is routed directly through the server that is active at that particular time.
- The Virtual Host Name.
  Note: A virtual host name is the alias given to the virtual IP.
Click Save.
Once the settings are saved, you need to restart the primary server first and then the standby server to activate high availability.

Note:

Once high availability is enabled, you must:

Update the access URL with the virtual Host Name which the user will be using while accessing ADSelfService Plus.
Add the virtual IP address value in Admin Login page IP restriction list(if it is enabled). You can find that option by navigating to the Admin tab → Logon Settings → General.

Disabling High Availability

High availability can be disabled only from the standby server.

Shut down the primary server.
Access ADSelfService Plus. This will automatically route you to the standby server.
Go to the High Availability settings under the Admin tab and uncheck the option Enable High Availability.
Click Save.
Restart the standby server, and then the primary server.

Previous Topic Next Topic

Thanks!

Your request has been submitted to the ADSelfService Plus technical support team. Our technical support people will assist you at the earliest.

Need technical assistance?

Enter your email ID
Talk to experts

Don't see what you're looking for?

Visit our community

Post your questions in the forum.
Request additional resources

Send us your requirements.
Need implementation assistance?

Try onboarding