Show Contents / Index / Search

Configure a Reflection for Secure IT Cluster

To configure a cluster, you must be running the server in a Microsoft cluster environment. The Microsoft cluster service is required to manage access to shared resources.

Install Reflection for Secure IT

  1. Install Reflection for Secure IT on each node of your cluster and restart Windows.

    Note: Restarting Windows is required to complete the Reflection for Secure IT installation, and this restart automatically starts the Reflection for Secure IT service. In a cluster, the Reflection for Secure IT service should not be started until after the the cluster is correctly configured. The next step ensures that the server is not running on any node until after configuration is complete.

  2. Launch the Reflection for Secure IT console and stop the server (Action > Stop Server).

Configure the cluster

  1. Open the Microsoft cluster management tool (Failover Cluster Management in Windows 2008 or Cluster Administrator in Windows 2003).
  2. Create a cluster group for Reflection for Secure IT.
  3. Add the following items to the Reflection for Secure IT cluster group.

    Resource Type

    Description

    Physical Disk

    Location of the Reflection for Secure IT data folder.

    IP Address

    The IP address used by the server.

    Network Name

    The host name used by the server.

  4. Add the Reflection for Secure IT service to the cluster group using the following settings:

    Settings

    Values

    Resource Type

    Generic Service

    Generic Service Parameters

    Set service name equal to:
    Attachmate Reflection for Secure IT Server

    Enable this setting:
    Use network name for computer name

    Dependencies

    Add the following resources:
    Physical Disk
    IP Address
    Network Name

    Registry Replication

    Add this HKEY_LOCAL_MACHINE key:
    SOFTWARE\Attachmate\RSecureServer

  5. Do this step only if you are running Windows 2008. It ensures that incorrect parameters are not added to the Reflection for Secure IT service startup command.
    1. On the computer you are using to configure the cluster, open a command window as an administrator. (Start > All Programs > Accessories, right-click Command Prompt > Run as administrator.)
    2. Enter the following command:

      cluster res "Attachmate Reflection for Secure IT Server" /priv

    3. If any startup parameters are configured, enter the following to clear the parameters:

      cluster res "Attachmate Reflection for Secure IT Server" /priv StartupParameters=""

    4. Repeat step b to verify that there are now no startup parameters configured.

Configure Reflection for Secure IT

  1. Open the Reflection for Secure IT console on the active node of your cluster group.
  2. From the Action menu, click Configure Cluster.
  3. Select Enable Cluster.
  4. For Configuration directory path, specify the folder you want to use for Reflection for Secure IT data. This replaces the default data folder. This should be a local folder on the shared physical disk you have set up as part of your cluster group.
  5. Configure Reflection for Secure IT server settings.

    Note: When you modify Configuration directory path, Reflection for Secure IT looks in the new location for the server configuration file. As a result, any settings you have previously configured on this computer are no longer used. After you make this change, you can use the console to configure your desired settings, and the changes are now saved to the new location. Or, you can copy existing data (such as the host key and your existing configuration file) to the shared configuration directory.

  6. Check to be sure that no files or folders configured for use by Reflection for Secure IT reside on any individual node in your cluster. This ensures that files accessed by users will remain available after a failover.

    By default, the following settings use the Windows user profile folder (specified by %D). Depending on your current configuration, you may need to reconfigure the Windows profile folder location, or modify your Reflection for Secure IT settings.

    Setting

    Notes

    User key directory

    Used for user public key authentication. The default is %D\.ssh2.

    User login directory

    The default login directory for SFTP and SCP2 file transfer is %D.

Start Reflection for Secure IT

After the cluster is correctly configured, you can start the service from the Reflection for Secure IT console or from the cluster management tool.

 

To use

Do this

 

The Reflection for Secure IT console

Open the console on the active node and start the server (Action > Start Server).

 

The Microsoft cluster management tool

Bring the Reflection for Secure IT service online.

Related Topics

Using a Server Cluster