Symantec IGA

Expand all | Collapse all

Global users data is not in sync between provisioning servers cluster environment

Jump to Best Answer
  • 1.  Global users data is not in sync between provisioning servers cluster environment

    Posted 12-18-2017 01:41 AM

    Hi,

     

    We have CA Identity Manager installed and working fine. Provisioning servers are installed in cluster environment and up and running but we noticed that the global users data is not getting sync between 01 and 02 servers.

     

    The Global users are getting created only in 01 server and that users information is not getting reflected in 02 server. it worked sometime till october and stopped working so is there a way to verify why it stopped working and why Global users data is not reflecting in 02 server.

     

    Thanks,

    Rajesh



  • 2.  Re: Global users data is not in sync between provisioning servers cluster environment

    Posted 12-19-2017 03:50 AM

    Hi,

     

    Even verified if there is an issue due to the schema in DSA but found that the schema files are in sync between both the server.

     

    Also found that in the provisioning manager cluster configuration on 02 server the 01 server details are missing. Not sure if this is the reason behind the issue. Can some one let me know if they have faced a similar issue.

     

    Regards,

    Rajesh



  • 3.  Re: Global users data is not in sync between provisioning servers cluster environment
    Best Answer

    Broadcom Employee
    Posted 12-19-2017 11:14 AM

    Rajesh,

     

    The key here is "worked sometime till october" . Seems like you are facing the expired cert issue where Provisioning Directory DSAs are set to perform MW replication over SSL and that is where the failure is.

     

    I suggest, depending on IDMGR version, follow the community post below to confirm and replace the certs and see if that helps to resolve the problem for you. If that still doesn't helps, I recommend to open a support case.

     

    Resolution Steps for: Provisioning Certificates that expired on 6th Oct,2017 & Directory DSA certificates that expired on 25th Nov,2017 

     

    Thanks,

    Hitesh