|RSA Authentication Manager 8.2 Service Pack 1 Patch 6 introduces a method of performing a manual transfer of the primary dump and primary dump SHA-256 signature file to the replica instance.|
NOTE: This procedure requires secure shell (SSH) to be enabled on the Authentication Manager instances in the deployment. Refer to the article on how to Enable Secure Shell on the Appliance for more information.
The following instructions allow an administrator to perform the manual transfer of the primary dump and primary dump SHA-256 signature file to a single replica instance. Where there is more than one replica instance in the Authentication Manager deployment, repeat the instructions for each replica instance that requires a sync. Only synchronize one replica instance at a time.
On a replica instance
- Logon to the command line of a replica instance with the rsaadmin account.
- On the replica instance navigate to /opt/rsa/am/utils folder using the command:
- Add a new global parameter to the replica instance using the command:
./rsautil store -a add_config auth_manager.synchronization.manual_transfer.wait.minutes 15 GLOBAL 501
The global parameter auth_manager.synchronization.manual_transfer.wait.minutes is a timer delay providing fifteen (15) minutes for the administrator to perform a manual transfer of the primary dump and signature file to the replica instance. This value can be altered; however, fifteen minutes is more than enough time to move a 2GB primary dump with SHA-256 signature file to the replica instance.
Restart the Authentication Manager replica instance to activate the above global parameter.
/opt/rsa/am/server/rsaserv restart all
On the primary instance
- Logon to command line of the primary instance with the rsaadmin account.
- Logon to the primary Operations Console and select Deployment Configuration > Instances > Status Report.
- Click the Sync link in the Action column for the replica instance where you have the SSH session open.
- Wait for the task Starting database dump on primary to start.
- At the command line of the primary instance, navigate to /opt/rsa/am/replication/attachment_data_for_replica:
- In the /opt/rsa/am/replication/attachment_data_for_replica directory, the administrator will find a new folder called instance_<number>.
- Navigate into this fdirectory:
The primary_dump and primary_dump.sha256 will be created in the instance_<number> folder. When the administrator sees the primary_dump.sha256 file then further tasks are required to get the primary_dump and primary_dump.sha256 files into the /opt/rsa/am/replication/attachment_data_from_primary folder on the replica instance.
This article provides instructions to use SFTP (a secure command line FTP program). Alternatively use a different secure FTP client (for example, WinSCP) to copy the primary_dump and primary_dump.sha256 files from the /opt/rsa/am/replication/attachment_data_for_replica/instance_<number> folder on the primary instance into the /opt/rsa/am/replication/attachment_data_from_primary folder on the replica instance.
Back on the replica instance
- Navigate to the /opt/rsa/am/replication/attachment_data_from_primary directory.
- Use the secure FTP program on the replica instance to connect to the primary instance
- In the secure FTP program navigate to the local directory called /opt/rsa/am/replication/attachment_data_for_replica.
- List the contents of this folder to get the instance folder name.
- Now navigate into the instance_<number> directory:
sftp> cd instance_810a23043f02a8c0293c1ae3674260f9
- Manually transfer the primary dump and primary dump SHA-256 signature file to the replica instance using the get command.
- Check the remote files on the primary instance are the same size as the files copied to the replica instance.
sftp> ls -lah
drwx------ 0 1000 1000 4.0K Dec 19 12:31 .
drwx------ 0 1000 1000 4.0K Dec 19 12:26 ..
-rw------- 0 1000 1000 754M Dec 19 12:31 primary_dump
-rw------- 0 1000 1000 64B Dec 19 12:31 primary_dump.sha256
sftp> lls -alh
drwx------ 2 rsaadmin rsaadmin 4.0K Dec 19 12:33 .
drwxr-xr-x 5 rsaadmin rsaadmin 4.0K Dec 19 12:25 ..
-rw------- 1 rsaadmin rsaadmin 754M Dec 19 12:33 primary_dump
-rw------- 1 rsaadmin rsaadmin 64 Dec 19 12:33 primary_dump.sha256
- Where the files match in size, the administrator can exit the secure FTP program:
Back on the primary instance
- Go back to the web browser showing the Sync tasks in the primary Operations Console and monitor the completion of the tasks.
- After the Task Starting replica services has completed click the Done button and check the replication status of the replica instance. It is expected to be Normal.