Idea Details

CA Directory Management UI 14.0 - Managing manually created DSA's

Last activity 06-13-2019 09:38 AM
Vishal K's profile image
09-26-2018 02:27 AM

We have installed CA Directory Management UI, Directory and DX Agent on our POC server. But we found that the CA Directory Management UI doesn’t display the DSA's which we have created manually using dxnewdsa command on CA directory server. It only displays the DSA's created using management UI and allow to manage it. Is it a product limitation? If yes, then can we have this feature available to display manually created DSA's in Management UI?


Comments

11-26-2018 03:38 PM

Vishal,

 

I think one challenge that you are facing is that you are trying to create DSA's on the Management UI host. This is actually NOT recommended for anything beyond a quick test setup. We anticipate that product DSA's will be running on different hosts than the UI server. 

 

If you follow the procedure that Hubert mentioned, you can import the manually created DSA's into a UI configuration (by creating them first manually and then adding the host). If you create a DSA manually after that, it will not get added after the host is being managed by the UI.

 

 

The other question is really what are you trying to do by creating the DSA manually? Is it a DevOps process or some other reason why you don't want to use the UI to create the DSA?

 

I'm going to decline this enhancement since I can offer another suggestion. If you leverage the REST API's in 14.0 to create the DSA using a script, the REST API will create the DSA and also keep it in sync with the UI.

 

thanks,

Rob

PM for Directory

09-26-2018 10:13 AM

VKSSO

 

If I'm understanding this correct, you created a new DSA instance manually on the same server as Directory Management UI and the dsa instance (SSOPS_DSA) created using management UI? Is this true ?

 

If Yes, then "dxserver status" should show all DSA instances. That I believe is the basic thing even before we talk about displaying in UI. It seems like "dxserver status" does not even acknowledge there is any other instance in existance on the server. If "dxserver status" does not show any other instance, Directory Management UI will not show either. So I'd start my investigation as to why "dxserver status" does not display the new dsa which was created manually. This needs more deeper investigation of your steps and setup. I'd say raise a CA Support Case OR engage a CA Services Rep.

 

I'd recommend to re-evaluate what we are trying to achieve here. We have to pick one approach i.e. UI Approach OR File Based Approach for managing.

 

Do you have a specific use case to be adopting the hybrid model ? If the use case is "We want to manage File Based created DSA's using Directory Management UI"; that is not a supported use case at the moment. But like I mentioned, I created a hybrid model for a customer based on a very specific use case, which was not managing File Based created DSA's using Directory Management UI.

 

 

Regards

Hubert

09-26-2018 04:51 AM

Hi Hubert,

 

I did follow the instructions mentioned on links shared by you for creating new environment and adding a host. However, Management UI still doesn't show DSA created manually.

 

[dsa@xxxxxxxx ~]$ dxserver status
xxxxxxxx-management-ui started
xxxxxxxx-monitoring-management-ui started
DIR_SMPS started
SSOPS_DSA started

 

However, management UI just shows the DSA created using management UI. Please see below snapshot -

 

09-26-2018 03:03 AM

VKSSO

 

Step-1 : Create a new Environment using the UI.

Environments - CA Directory - 14.0 - CA Technologies Documentation 

 

Step-2 : Add a new host.

Environments - CA Directory - 14.0 - CA Technologies Documentation 

 

This will make sure once the dxagent is registered with the UI all DSA's (Created manually OR created using UI) running on that HOST, will be displayed.

 

But as I mentioned be very careful on what you do next, manually configured DSA are best if they are managed manually. If you try to use UI to manage, manually configured DSA, you'd convert the manually configured DSA to a UI managed DSA (overwrite all manual configuration with the configurations from UI).

 

As an example see below diagram. This UI representation is misleading. I know it because I configured this hybrid model. But if someone else who has no historic knowledge of how this is setup and looks at the UI, can be totally mislead looking at this. Everything in i13129 is setup using Directory Management UI. Everything in i13130 is manually built. Now if we see there a one directional arrow going from i13129-datadsa1 to i13130-datadsa1; this is misleading, because we have replication configured both ways. The UI does not show that because in i13130-datadsa1, we configured replication manually and in i13129-datadsa1 we configured replication using UI.

 

09-26-2018 02:43 AM

Hi Hubert,

 

Thanks for your quick help !

 

Could you please let us know further what all configurations you done to make it work? I did the OOTB installation of Management UI and then created DSA's manually, but it's not displaying it over there. Tried to restart Node.js server, dxagent etc, but no luck.

09-26-2018 02:37 AM

VKSSO

 

It does display. We just did a hybrid model wherein we added Directory Management UI for its SCIM capabilities, to a infrastructure which was built manually. But once it gets displayed, you have to very careful on what you do next, because if you do anything from the UI to try and manage the manually built DSA, UI will wipe out everything on the manually built DSA. UI does not sync up (pickup) configuration from manually built DSA, but UI will push configuration to manually built DSA as per what is configured in UI (if you save anything from UI on that DSA).