Versions Compared

Old Version 2

changes.mady.by.user Tomi Pelttari

Saved on

compared with

New Version Current

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
titleShutdown services on node 1
/etc/init.d/ubilogin-serversystemctl stop /etc/init.d/ubilogin-directoryserver
systemctl stop /etc/init.d/ubisecure-accounting
systemctl stop ubilogin-directory

Copy node 1 installation to node 2

...

Code Block
titleStop Directory service on node 2
/etc/init.d/systemctl stop ubilogin-directory stop

Delete the OpenLDAP database from node 2. It will reappear through replication later. The directory name is based on your LDAP root, for example:

Code Block
titleDelete replicated directory on node 2
cd /usr/local/ubisecure/ubilogin-sso/openldap/var/openldap-bdb/cn=Ubilogin,dc=sso,dc=example,dc=commdb/<your LDAP root>
rm -f *

Restart the services on node 1:

Code Block
titleRestart services on node 1
/etc/init.d/systemctl start ubisecure-accounting
systemctl start /etc/init.d/ubilogin-directory
systemctl start /etc/init.d/ubilogin-server start

Start OpenLDAP service on node 2 with the proper configuration.

Code Block
titleRestart directory service on node 2
/etc/init.d/systemctl start ubilogin-directory start

Verify LDAP replication

List OpenLDAP folder on node 2 and verify that database files from node 1 have been copied automatically to node 2. The directory name is based on your LDAP root, for example:

Code Block
titleLDAP root directory
ls /usr/local/ubisecure/ubilogin-sso/openldap/var/openldap-bdb/cn=Ubilogin,dc=sso,dc=example,dc=commdb/<your LDAP root>

Install Ubisecure SSO Tomcat and Accounting Service

...

Code Block
titleStart services on node 2
/etc/init.d/systemctl start ubisecure-accounting
systemctl start /etc/init.d/ubilogin-server start

Configuring LDAP failover

...

Code Block
titleActivate applications on each node
/etc/init.d/systemctl stop ubilogin-server stop
cd /usr/local/ubisecure/ubilogin-sso/ubilogin
./config/tomcat/update.sh
/etc/init.d/systemctl start ubilogin-server start

Verify LDAP failover functionality

...

  • Stop ubilogin-directory on node 2
  • Stop ubilogin-server on node 1

Gliffy
nameLDAPFailoverTest1

Test 2

Check after each step that SSO Management application still responds after a few page refreshes.

  • Stop ubilogin-directory on node 1
  • Stop ubilogin-server on node 2

Gliffy
nameLDAPFailoverTest2