CA Service Management

  • Private Community
 View Only

  • 1.  Move Service Catalog from one AD-domain to another

    Posted Sep 28, 2017 06:27 AM

    Hi all, would really appreciate som ideas and thoughts on this:

     

    We have Service Catalog, USS, SDM, ITAM, PAM and EEM in one and the same Active Directory domain. We are now considering moving Service Catalog, USS and PAM to a new AD domain. All applications are v14.1, PAM is v.4.3.1 and EEM is 12.51. 

     

    Does anyone have experience of this kind of operation? What practical challenges can we expect to encounter?

    Can we move the servers to the new domain and reconfigure the CA applications and then make sure all applications use the correct FQDN for each other? If so, do we use the Common Installer or some other method to do the reconfiguration?

    Or do we need to reinstall the CA applications after moving the servers to the new domain?

    Or do we need to do a fresh install of the CA applications (SC, USS, PAM) on new servers in the new domain?

    The possibilities are endless... :-)

     

    We already have a document that details which firewall ports that need to be open between the various CA components, so that is reasonably under control. 

     

    Best regards,

    Heikki Ikonen

    Netgain



  • 2.  Re: Move Service Catalog from one AD-domain to another
    Best Answer

    Broadcom Employee
    Posted Sep 28, 2017 07:28 AM

    Good Afternoon Heikki.
     
    Please find the following info as a starting point for CA Service catalog.
    - As the user authentication isn't changing, and Catalog doesn't care if it's in a Windows cluster or not, this will be fine.
    - Only change is Domain name and not the Hostname so if it resolves the name it should not be an issue
    - SM 14.1 WIKI Pages:
    https://docops.ca.com/ca-service-management/14-1/en/administering/administering-ca-service-catalog/perform-maintenance2. Update the Database Host, Port, Instance, or Service Names
    https://docops.ca.com/ca-service-management/14-1/en/administering/administering-ca-service-catalog/perform-maintenance/update-the-database-host-password-instance-service-name-or-port
    https://docops.ca.com/ca-service-management/14-1/en/administering/administering-ca-service-catalog/perform-maintenance/update-the-ca-eem-host-name-and-application-names
    https://docops.ca.com/ca-service-management/14-1/en/administering/administering-ca-service-catalog/perform-maintenance/update-the-host-name-and-port-number-using-the-ant-command
     
    Kind regards, Louis van Amelsfort.



  • 3.  Re: Move Service Catalog from one AD-domain to another

    Broadcom Employee
    Posted Sep 28, 2017 11:09 AM

    It will depend on how you have the servers configured - if SDM and Catalog are integrated, and moved to no longer be in the same domain, then referring to each other by merely hostname will no longer work and you'll need to update the integration to use FQDN instead. Similarly, if Catalog and PAM are no longer in the same domain as EEM then they will need to know where to find the server.

     

    The documentation Louis links should help you correct these.

     

    regards

    Iain



  • 4.  Re: Move Service Catalog from one AD-domain to another

    Posted Oct 02, 2017 10:11 AM

    Hi Louis and Iain,

    Thanks, that has given me a lot of useful information to continue working on!

     

    /Heikki

    Netgain