Layer7 Access Management

Expand all | Collapse all

Configuring AutoSweep to Run on a Schedule: Local vs Global?

  • 1.  Configuring AutoSweep to Run on a Schedule: Local vs Global?

    Posted 02-20-2015 12:10 PM

    I am configuring AutoSweep (XPSSweeper) to run every 24 hours in our SiteMinder Environment (We have 8 Policy Servers and a single policy store). What do the Local and Global options mean? When would I select either one.



  • 2.  Re: Configuring AutoSweep to Run on a Schedule: Local vs Global?

    Posted 03-06-2015 11:29 AM

    Just saw this...hopefully you got your answer by now...but if not my understanding is:

     

    - Global sets the configuration in the policy store and therefore any Policy Server connecting to that store would use it

     

    - Local sets the configuration in a local configuration file and takes precedence over the global

     

    So you can set it global 24 hours which all 8 of your Policy Servers would follow. If, for some reason, you wanted one of them to use 12 hours you could set it locally on only that single Policy Server (end up with 7 every 24 hours and 1 every 12 hours).



  • 3.  Re: Configuring AutoSweep to Run on a Schedule: Local vs Global?

    Posted 03-06-2015 06:00 PM

    kbuckle7

     

     

    Out of Curiosity, what version of Siteminder is being using. Believe in another thread it was adviced as R12.52 SP1. Is it the same version?

     

    Could I know the logical reasoning being running XPSSweeper so periodically; if all of the environment is on R12.52 SP1 i.e. only XPS layer is being used.

     

     

    Regards

     

    Hubert



  • 4.  Re: Configuring AutoSweep to Run on a Schedule: Local vs Global?

    Posted 02-02-2016 06:04 PM

    I believe setting sweeper to run locally on one policy server should be fine as that would make sure that two different types of policy stores are synchronized. Running the sweeper on all 8 policy servers might cause some replication issues on the policy store, especially if the run time overlaps betweens the policy servers.

     

    I have set this only on one policy server per policy store to avoid the replication corruption issues as our Pstore is in CA directory.


    Would like to confirm if this is the right approach and also what would be case where it would be appropriate to set the Sweeper on all policy servers (Globally instead of locally) that are pointed to a single P-Store.

     

    Thanks