Configuring AADS for Failover Support

You can install and configure more than one Authentication Authorization and Directory Services (AADS) server in your Host Integrator installation to achieve failover support in case of a server error. Failover support is established by installing multiple instances of AADS for your Host Integrator installation and configuring your Hosts file or DNS to associate all AADSs with one symbolic name.

For example, in your Hosts file or DNS server you might have the following entries:  my_aads  my_aads  my_aads  my_aads

Each IP address refers to a machine with AADS installed on it. Whenever AADS services are requested, a call to "my_aads" is made. Because more than one address is associated with that name, the DNS server returns a list of available AADSs (in this case there are four) to the Host Integrator AADS client (Host Integrator Server, Console, Session Monitor, or data object) that requested it. The Host Integrator AADS client then attempts to contact the first one in the list. If no response is received, the client attempts to contact the second AADS, and so forth.

This is where the failover support is achieved. Because all the AADS servers in an installation communicate with each other, configuration information is constantly shared. If one of the active AADS servers fails or is taken down, any other AADS server associated with the Host Integrator installation can provide AADS services with no loss of data and no compromises to security. In the example above of a DNS symbolic name for multiple AADSs, a Host Integrator AADS client will always contact the first AADS in the list for services. This allows you to decide which AADS will handle the majority of requests. If you use a Hosts file to define the DNS symbolic name, the order of the entries in the list should be the same for all Hosts files. It is recommended that you do not configure your DNS server to return resources in round-robin or random order.
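The following audit script is an added example, not part of the Host Integrator documentation: it checks that every client's Hosts file lists the AADS addresses for the symbolic name in the same order, and models the first-in-list failover described above. The addresses (192.0.2.0/24 documentation range), client names, and function names are constructed for illustration, and probe stands in for the real AADS connection attempt, which this page does not describe.

```python
"""Audit Hosts files for a consistent AADS ordering (added example)."""

SYMBOLIC_NAME = "my_aads"  # symbolic name used on this page

# Constructed sample Hosts files; addresses are from the 192.0.2.0/24
# documentation range and the client names are hypothetical.
HOSTS_BY_CLIENT = {
    "vhi-server": "192.0.2.10 my_aads\n192.0.2.11 my_aads\n192.0.2.12 my_aads\n",
    "console": "# AADS\n192.0.2.10\tmy_aads  # primary\n"
               "192.0.2.11 my_aads\n192.0.2.12 MY_AADS\n",
    "monitor": "192.0.2.11 my_aads\n192.0.2.10 my_aads\n192.0.2.12 my_aads\n",
}


def aads_order(hosts_text, name=SYMBOLIC_NAME):
    """Return the addresses mapped to `name`, in the order the file lists them."""
    order = []
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()  # strip comments, split on whitespace
        if len(fields) < 2:
            continue  # blank line, comment-only line, or address with no name
        address, aliases = fields[0], [alias.lower() for alias in fields[1:]]
        if name.lower() in aliases and address not in order:
            order.append(address)  # host names compare case-insensitively
    return order


def inconsistent_clients(hosts_by_client, reference, name=SYMBOLIC_NAME):
    """Map each client whose ordering differs from the reference client's to its ordering."""
    expected = aads_order(hosts_by_client[reference], name)
    orders = {c: aads_order(text, name) for c, text in hosts_by_client.items()}
    return {c: order for c, order in orders.items() if order != expected}


def first_responding(addresses, probe):
    """Ordered failover: try each address in turn, return the first that answers."""
    for address in addresses:
        if probe(address):
            return address
    return None  # no AADS in the list responded


if __name__ == "__main__":
    # Clients whose Hosts file would send most requests to a different AADS.
    print(inconsistent_clients(HOSTS_BY_CLIENT, "vhi-server"))
    # Simulate the first AADS being down: the second in the list is used.
    order = aads_order(HOSTS_BY_CLIENT["vhi-server"])
    print(first_responding(order, lambda addr: addr != "192.0.2.10"))
```

A client flagged by inconsistent_clients would treat a different AADS as its primary, so the choice of which AADS handles the majority of requests would no longer hold for it.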

All operating systems under which Host Integrator AADS clients run support symbolic names for multiple AADSs.

Installing and Configuring AADS for Failover Support

When you install your first AADS during Setup, you are requested to enter the name of the AADS server. The name you enter must be unique and must not be the symbolic name you will use in the Hosts file or DNS to represent the multiple AADSs. Before you install the first AADS, you should modify your Hosts file or DNS server entries to establish the symbolic name to be used for all the AADS servers you plan to install. For each successive AADS you install, when you are prompted for the DNS symbolic name for multiple AADSs, specify the name you chose for the Hosts file or DNS server entry. When you have installed all the AADS servers you plan to implement, you must modify the Hosts file or DNS server for all Host Integrator AADS clients that will request services.

When you register Host Integrator Servers or add directory servers using the Administrative WebStation or Session Monitor, you must use the symbolic name, not the AADS name you used when you installed the first AADS.

Once connected to a running AADS, the client (server, console, Session Monitor, or connector) should expect the same services regardless of the AADS server it's connected to. Using this configuration, domain server lookup, configuration locks, and authentication requests to all AADSs produce the same results.