View the Next Steps for Promotion for MaintenanceView the Next Steps for Promotion for Maintenance
The Next Steps differ based on your promotion process and deployment.
RSA recommends that you download the Next Steps for future reference. If you restart services on the instance, these steps are no longer available for viewing or downloading.
Before you begin
In the Operations Console on the new primary instance, click Deployment Configuration > Promotion > For Maintenance > Progress Monitor, and then click Next.
Complete the next steps that display.
RSA recommends that you click Download Next Steps to save a copy of the steps for future reference.
The following next steps are always required after a promotion for maintenance:
If your deployment includes web tiers, restart services for each web tier.
Review the instance-specific system settings for the new primary instance and update any setting as needed.
Note: The new primary instance does not inherit these settings from the original primary instance.
In the Security Console, go to Setup > System Settings, and review the settings that are configured by instance.
For example, you may want to review and update the following instance-specific settings:
Verify your dynamic seed provisioning configuration
In the Security Console, go to Setup > System Settings, and under Authentication Settings, click Tokens.
Recreate the read-only database user
If you had a read-only database user on the original primary instance, use the manage-readonly-dbusers command line utility to recreate the same read-only database user, with the same password and the same client IP address. If you receive a message that the user already exists, you must delete the previous account.
For instructions, see the Developer's Guide topic "SQL Access to the RSA Authentication Manager Database."
Depending on the outcome of the promotion, additional steps may also display.
If any of the following scenarios apply to the promotion that you completed, you must perform the corresponding task:
You chose to manually copy and transfer log data after promotion
The log backup file is created on the original primary instance. Using methods like FTP, transfer the backup file to a supported backup location. For instructions on restoring from a backup, see Restore from Backup.
Note: SSH must be enabled to access the local file system on the instance. To enable SSH, go to the Operations Console for the instance and click Administration > Operating System Access.
One or more additional replica instances could not be updated to point to new primary instance
Enable communication with replica instances
For each additional replica instance that could not be updated, log on to the Operations Console of the replica instance, click Administration> Network> Update Primary Hostname and update the Primary Hostname field to that of the new primary instance.
The original primary instance cannot be demoted
Reset and configure the original primary instance as a replica
The original primary instance was demoted, but services could not be started successfully
Reuse the original primary instance as a replica instance
Start services on the original primary instance and synchronize with the new primary instance. For more information, see Start and Synchronize the Original Primary Instance.
Synchronization of the original primary instance does not succeed
Synchronize original primary instance
Verify the following settings on the new primary instance.
Make sure that the identity sources that you use are accessible from the new primary instance.
Review the backup schedule for the new primary instance. Make sure that the new primary instance can communicate with the backup location.
Make sure that the link that is included in e-mail notifications for Self-Service user account changes contains the correct URL for the Self-Service Console.