Reset Search
 

 

Article

KB28219 - How to sync user created bookmarks when switching the authentication server across Cluster Nodes

« Go Back

Information

 
Last Modified Date11/18/2015 9:31 AM
Synopsis

This article describes the steps required to synchronize user created web, file and terminal services bookmarks across cluster nodes when switching the authentication server from Active Directory (AD) to LDAP.

Note: The username on both authentication servers must be the same for the bookmark sync to succeed.

Problem or Goal

User has an A/A or A/P cluster and plans to migrate the authentication server from AD to LDAP. The goal is to make sure that all the user created bookmarks are also migrated when the authentication server is changed.

Cause
Solution

The following setup is for an Active/Passive cluster. The same setup applies to an Active/Active cluster, except that it does not matter which node we configure as  the client in an A/A scenario.

The User Realm currently is set to use AD authentication server "SSLVPNAD", as seen in the following figure:

1. Enable User Record Synchronization on this AD authentication server and give a Logical Auth Server Name as seen in the following figure:

2. On the Active node of the cluster, configure User Record Synchronization as seen in the following example:

Active Node Internal IP : 10.209.69.71
Passive Node internal IP : 10.209.69.85
Cluster Internal VIP :
10.209.69.89

Note: In an A/P Cluster, set the Node Function as Client Only.




Under This Client, add the Passive Node Internal IP Address as Primary Server:




Under This Server, no configuration is required.


 

3. On the Passive node, configure User Record Synchronization as seen in the following figure:



 

Under This Client, add the Node itself.


Under This Server, add the node IP to the Peer Servers section and Active node IP to the Client Nodes section.



 

4. Enable User Record Synchronization on the LDAP Server SSLVPNLDAP, and enter the same Logical Auth Server Name.




The configuration is complete.
 

Now, sign in to the Cluster VIP IP and create two web bookmarks, as seen in the following figure:

Switch the Authentication Server under the REALM to the LDAP server, SSLVPNLABLDAP.



 

Now, sign in to the Cluster VIP again. You should see the user created bookmarks now synchronized.

The logs on both nodes show that the bookmarks synchronized correctly:

On Active Node:

On Passive Node :

 
Related Links
Attachment 1 
Created ByData Deployment

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255