The Next Steps differ based on your promotion process and deployment.
RSA recommends that you download the Next Steps for future reference. If you restart services on the instance, these steps are no longer available for viewing or downloading.
Before you begin
In the Operations Console on the new primary instance, click Deployment Configuration > Promotion > For Maintenance > Progress Monitor, and then click Next.
Complete the next steps that display.
RSA recommends that you click Download Next Steps to save a copy of the steps for future reference.
The following next steps are always required after a promotion for maintenance:
Restore RADIUS replication on the new primary instance
In the Security Console on the new primary instance, go to RADIUS > RADIUS Servers and click Initiate Replication to synchronize the replica RADIUS servers with the new primary instance.
If your deployment includes web tiers, restart services for each web tier.
Review the instance-specific system settings for the new primary instance and update any setting as needed.
Note: The new primary instance does not inherit these settings from the original primary instance.
In the Security Console, go to Setup > System Settings, and review the settings that are configured by instance.
For example, you may want to review and update the following instance-specific settings:
Verify your dynamic seed provisioning configuration
In the Security Console, go to Setup > System Settings, and under Authentication Settings, click Tokens.
Review the dynamic seed provisioning settings. If the fully qualified hostname of the demoted primary instance is used, update the setting with the fully qualified hostname of the new primary instance. For further instructions, see Configure Token Settings.
Depending on the outcome of the promotion, additional steps may also display.
If any of the following scenarios apply to the promotion that you completed, you must perform the corresponding task:
You chose to manually copy and transfer log data after promotion
The log backup file is created on the original primary instance. Using methods like FTP, transfer the backup file to a supported backup location. For instructions on restoring from a backup, see Restore from Backup.
Note: SSH must be enabled to access the local file system on the instance. To enable SSH, go to the Operations Console for the instance and click Administration > Operating System Access.
One or more additional replica instances could not be updated to point to new primary instance
Enable communication with replica instances
For each additional replica instance that could not be updated, log on to the Operations Console of the replica instance, click Administration> Network> Update Primary Hostname and update the Primary Hostname field to that of the new primary instance.
The original primary instance cannot be demoted
Reset and configure the original primary instance as a replica
The original primary instance was demoted, but services could not be started successfully
Reuse the original primary instance as a replica instance
Start services on the original primary instance and synchronize with the new primary instance. For more information, see Start and Synchronize the Original Primary Instance.
Synchronization of the original primary instance does not succeed
Synchronize original primary instance
Verify the following settings on the new primary instance.
Make sure that the identity sources that you use are accessible from the new primary instance.
Review the backup schedule for the new primary instance. Make sure that the new primary instance can communicate with the backup location.
Make sure that the link that is included in e-mail notifications for Self-Service user account changes contains the correct URL for the Self-Service Console.