|Applies To||RSA ClearTrust Agent 4.0 for Microsoft Internet Information Services (IIS) 5.0|
Microsoft Windows 2000 Advanced Server SP3
Microsoft Internet Information Server (IIS) 5.0
|Issue||RSA ClearTrust Agent does not failover to secondary auth server if primary is shutdown or disconnected from network|
If auth server is started via BAT file, failover works, if started as a service, failover does not work.
|Cause||In the ClearTrust code there's a connect() call that is made to open the TCP/IP socket to the dispatcher. This connect() call has a hard-coded timeout of 180 seconds and a hard-coded retry value of 3. So, in the scenario above where the machine running the primary auth server is disconnected from the network or shutdown there would be approximately a 12 minute delay before the secondary auth server would start accepting auth requests.|
|Resolution||Contact RSA Customer Support and request the ctRFE36649 enhancement/fix. Follow the instructions in the readme provided for proper installation.|
|Legacy Article ID||a17647|