Configure a Reflection for Secure IT Server for Windows Cluster

To configure a cluster, you must be running the server in a Microsoft cluster environment. The Microsoft cluster service is required to manage access to shared resources.

Install Reflection for Secure IT Server for Windows on each node of your cluster

  1. Install the Reflection for Secure IT server on the node and restart Windows.

    Note: Restarting Windows is required to complete the Reflection for Secure IT installation, and this restart automatically starts the Reflection for Secure IT service. In a cluster, the Reflection for Secure IT service should not be started until after the cluster is correctly configured. The next step ensures that the server is not running on any node until after configuration is complete.

  2. Launch the Reflection for Secure IT console and stop the server (Action > Stop Server).
  3. Repeat these steps on every node that you want to include in your cluster.

Configure the cluster

  1. Open the Microsoft cluster management tool (Failover Cluster Management in Windows 2008 or Cluster Administrator in Windows 2003).
  2. Create a cluster group for Reflection for Secure IT Server for Windows.
  3. Add the following items to the Reflection for Secure IT cluster group.

    Resource Type

    Description

    Physical Disk

    Location of the Reflection for Secure IT data folder.

    IP Address

    The IP address used by the server.

    Network Name

    The host name used by the server.

  4. Add the Reflection for Secure IT service to the cluster group using the following settings:

    Settings

    Values

    Resource Type

    Generic Service

    Generic Service Parameters

    Set service name equal to:
    Attachmate Reflection for Secure IT Server

    Enable this setting:
    Use network name for computer name

    Dependencies

    Add the following resources:
    Physical Disk
    IP Address
    Network Name

    Registry Replication

    Add this HKEY_LOCAL_MACHINE key:
    SOFTWARE\Attachmate\RSecureServer

  5. Do this step only if you are running Windows 2008. It ensures that incorrect parameters are not added to the Reflection for Secure IT service startup command.
    1. On the computer you are using to configure the cluster, open a command window as an administrator. (Start > All Programs > Accessories, right-click Command Prompt > Run as administrator.)
    2. Enter the following command:

      cluster res "Attachmate Reflection for Secure IT Server" /priv

    3. If any startup parameters are configured, enter the following to clear the parameters:

      cluster res "Attachmate Reflection for Secure IT Server" /priv StartupParameters=""

    4. Repeat step b to verify that there are now no startup parameters configured.

Configure Reflection for Secure IT Server for Windows

  1. Open the Reflection for Secure IT console on the active node of your cluster group.
  2. From the Action menu, click Set Data Folder.
  3. Select Enable clustering and use cluster folder.
  4. For Data folder, specify the folder you want to use for Reflection for Secure IT data. This replaces the default data folder. This should be a local folder on the shared physical disk you have set up as part of your cluster group.
  5. Configure Reflection for Secure IT server settings.

    Note: When you change the Data folder setting, Reflection for Secure IT creates a new host key and a new default configuration file in the new location unless these files already exist in the new location. As a result, any settings you have previously configured are no longer used. After you make this change, you can use the console to configure your desired settings and the changes will be saved to the new location. Or, you can copy existing data (such as the host key and your existing configuration file) to the new data folder location.

  6. Check to be sure that no files or folders configured for use by Reflection for Secure IT reside on any individual node in your cluster. This ensures that files accessed by users will remain available after a failover.

    By default, the following settings use the Windows user profile folder (specified by %D). Depending on your current configuration, you may need to reconfigure the Windows profile folder location, or modify your Reflection for Secure IT settings.

    Setting

    Notes

    User key directory

    Used for user public key authentication. The default is %D\.ssh2.

    User login directory

    The default login directory for SFTP and SCP2 file transfer is %D.

Start Reflection for Secure IT Server for Windows

After the cluster is correctly configured, you can start the service from the Reflection for Secure IT console or from the cluster management tool.

 

To use

Do this

 

The Reflection for Secure IT console

Open the console on the active node and start the server (Action > Start Server).

 

The Microsoft cluster management tool

Bring the Reflection for Secure IT service online.

Related Topics

Using a Server Cluster