I have a scenario where I need to configure two oracle 11g DB instances in SiteMinder policy servers as failover DB instances. These DB instances are configured in RAC mode and primary having write access and secondary in read mode.
I know below are two ways with which these two DB instances can be configured as failover instances at SiteMinder end:
1.By creating 2 DSN and use the Policy Server AdminUI to configure the Failover https://support.ca.com/cadocs/0/CA%20SiteMinder%2012%2052%20SP1-ENU/Bookshelf_Files/HTML/idocs/346795.html
2. User the ODBC Driver FailOver capabilities to manage failover and especially the alternate servers option.
Both options are valid, the first one is the one that is managed by the policy server and the second by the DataDirect/Progress driver that we ship with the product.
Can you help me in understanding which option is more feasible and should be followed for configurations and why?
Anybody able to assist further with this users question?
Yes, both are valid approaches.
If you went with option 1, if there's any error contacting specific server/ database, the error will be logged in the Policy Server log and trace. You can track which database was not available or throwing error at a specific timeframe. Also, the Policy Server trace identify exactly which database PS was referencing to when it's authenticating/ validating the user.
Thanks Kelly for your response. However, I also want to understand if approach 1 has merits or demerits over approach 2 or vice-versa. Would be helpful if you are aware of any and provide your suggestions.
UD1 and UD2 operating in failover mode is defined in the Siteminder user directory setup.
If UD1 is not contactable, PS will failover to the UD2.
With Policy Server log, the error returned from the database will be logged there e.g: bind error or server not contactable. Error message is associated with specific database (UD1/ UD2).
Administrator can find out if certain database was unavailable at a certain timeframe and when did the Policy Server fail back to the primary database.
Policy Server trace can clearly identify the database (UD1/ UD2) of which the authentication/ validation request was made against.
UD is defined in Siteminder user directory setup while there are 2 database operating in failover mode defined in ODBC driver setup.
If the primary server is not contactable, the ODBC driver will failover to the next server in line.
However, the Policy Server will always reference the connection to user store database as UD, as if it's a single database server. It will not be able to differentiate if it's going to primary or secondary server.
With this approach you will need ODBC tracing to be enabled to track any error returned from the database server or track which database server was the request made against.
During the failover process, your application may experience a short pause while the driver establishes a connection on an alternate server. If your application is time-sensitive (a real-time customer order application, for example) and cannot absorb this wait, you can set the ODBC Driver Failover Preconnect connection option to true. Setting the Failover Preconnect option to true instructs the driver to establish connections to the primary server and an alternate server at the same time. Your application uses the first connection that is successfully established. If this connection to the database is lost at a later time, the driver saves time in reestablishing the connection on the server to which it fails over because it can use the spare connection in its failover process.