Primary Instance

The primary instance is the initial Authentication Manager system that you deploy. Once you deploy a primary instance, you can add replica instances. It is possible to promote a replica instance to replace the primary instance in maintenance or disaster recovery situations.

The primary instance is the only system in the deployment that allows you to perform all Authentication Manager administrative tasks. Some administrative tasks can be performed on a replica instance, for example, replica promotion and log file collection.

The main functions of the primary instance include the following:

  • Authenticating users.

  • Enabling administration of Authentication Manager data stored in the internal database. You can perform tasks such as importing and assigning SecurID tokens, enabling risk-based authentication (RBA), adding LDAP identity sources, configuring self-service, generating replica packages, and generating agent configuration files and node secrets.

  • Replicating changes due to administration and authentication activities.

  • Handling self-service requests.

  • Maintaining the most up-to-date Authentication Manager database.