Symantec Access Management

Hi,

I have integrated CA Directory with CA Strong Authentication server by creating organization following the below link.

https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-identity-and-access-management/advanced-authentication/9-1/administrating/administrating-ca-strong-authentication/create-organization-in-ldap-repository.html

Here I can integrate only one directory server for one organization.
I want to configure directory server (user store) failover for Strong Authentication server, where if one directory server is stopped, it could get user's from the other directory.

Is there any way / options where we can able to use/integrate multiple directory server DSA those are in replication with the CA Strong Authentication server for a single organization while creating organization.

Please let me know if it is possible.

Thank you,
Regards,
Samarendra Routray

One option which I could think of is, having a  LB or VIP or even a router DSA in front of DSA servers and configure it in AA.
Original Message:
Sent: 07-21-2020 06:21 AM
From: Samarendra Routray
Subject: CA Directory (LDAP) failover configuration for CA Strong Authentication

Hi,

I have integrated CA Directory with CA Strong Authentication server by creating organization following the below link.

https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-identity-and-access-management/advanced-authentication/9-1/administrating/administrating-ca-strong-authentication/create-organization-in-ldap-repository.html

Here I can integrate only one directory server for one organization.
I want to configure directory server (user store) failover for Strong Authentication server, where if one directory server is stopped, it could get user's from the other directory.

Is there any way / options where we can able to use/integrate multiple directory server DSA those are in replication with the CA Strong Authentication server for a single organization while creating organization.

Please let me know if it is possible.

Thank you,
Regards,
Samarendra Routray

As Ashok mentioned, if you decide to go with Symantec Directory router DSA, you can refer to Symantec Directory product documentation. Here are some samples that can assist you to get started with:

https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-identity-and-access-management/directory/14-1/ca-directory-concepts/directory-distribution-and-routing/dsas-with-same-prefix.html

https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-identity-and-access-management/directory/14-1/ca-directory-concepts/directory-distribution-and-routing/improving-the-routing-performance.html

~Hitesh
Original Message:
Sent: 07-21-2020 10:26 AM
From: Ashok kumar Muthu
Subject: CA Directory (LDAP) failover configuration for CA Strong Authentication

One option which I could think of is, having a  LB or VIP or even a router DSA in front of DSA servers and configure it in AA.

Original Message:
Sent: 07-21-2020 06:21 AM
From: Samarendra Routray
Subject: CA Directory (LDAP) failover configuration for CA Strong Authentication

Hi,

I have integrated CA Directory with CA Strong Authentication server by creating organization following the below link.

https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-identity-and-access-management/advanced-authentication/9-1/administrating/administrating-ca-strong-authentication/create-organization-in-ldap-repository.html

Here I can integrate only one directory server for one organization.
I want to configure directory server (user store) failover for Strong Authentication server, where if one directory server is stopped, it could get user's from the other directory.

Is there any way / options where we can able to use/integrate multiple directory server DSA those are in replication with the CA Strong Authentication server for a single organization while creating organization.

Please let me know if it is possible.

Thank you,
Regards,
Samarendra Routray

CA Advanced authentication supports single configuration for external repositories, you can use a Load Balanced External repository details for high availability but there is no failover logic in product for this.

-Namish
Original Message:
Sent: 07-21-2020 06:21 AM
From: Samarendra Routray
Subject: CA Directory (LDAP) failover configuration for CA Strong Authentication

Hi,

I have integrated CA Directory with CA Strong Authentication server by creating organization following the below link.

https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-identity-and-access-management/advanced-authentication/9-1/administrating/administrating-ca-strong-authentication/create-organization-in-ldap-repository.html

Here I can integrate only one directory server for one organization.
I want to configure directory server (user store) failover for Strong Authentication server, where if one directory server is stopped, it could get user's from the other directory.

Is there any way / options where we can able to use/integrate multiple directory server DSA those are in replication with the CA Strong Authentication server for a single organization while creating organization.

Please let me know if it is possible.

Thank you,
Regards,
Samarendra Routray

Load Balancer can do the failover & load balancing. If one of the user store is not up and running then LB can identify that with health monitoring and mark that user store offline.
Original Message:
Sent: 07-22-2020 03:44 PM
From: Namish Tiwari
Subject: CA Directory (LDAP) failover configuration for CA Strong Authentication

CA Advanced authentication supports single configuration for external repositories, you can use a Load Balanced External repository details for high availability but there is no failover logic in product for this.

-Namish
Original Message:
Sent: 07-21-2020 06:21 AM
From: Samarendra Routray
Subject: CA Directory (LDAP) failover configuration for CA Strong Authentication

Hi,

I have integrated CA Directory with CA Strong Authentication server by creating organization following the below link.

https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-identity-and-access-management/advanced-authentication/9-1/administrating/administrating-ca-strong-authentication/create-organization-in-ldap-repository.html

Here I can integrate only one directory server for one organization.
I want to configure directory server (user store) failover for Strong Authentication server, where if one directory server is stopped, it could get user's from the other directory.

Is there any way / options where we can able to use/integrate multiple directory server DSA those are in replication with the CA Strong Authentication server for a single organization while creating organization.

Please let me know if it is possible.

Thank you,
Regards,
Samarendra Routray