If I have three separate deployments of RSA Auth Manager (separate customers), can I use a single pair of web tier servers (2 Load balanced Windows Servers) in our DMZ to service all 3 RSA deployments using different installations of Web Tier on the same two Windows servers? Maybe under different ports for each instance on the two machines, etc? If it is possible, do you support this type of configuration?
No. A web-tier can only be configured to interact with a single deployment. It will distribute requests between all the primary and replica servers in that deployment (when possible), but user logins to web-tiers are directed at a single deployment. To support multiple AM deployments, the web-tier would have to figure out which login ID should be associated with a particular back-end deployment. It would also be complicated to manage because many times web-tiers are automatically patched by the primary server to which they're connected. If one of your AM deployments was at a different version, this could cause an incompatibility between the web-tier and some of your AM deployment servers.
Hey
Thanks for your input.
Can you please let me know if we are going to deploy the web tire on replica so we need to download the web tire package from replica or primary am ?
You create/edit web Tiers on the Primary. Including Generating and Downloading the Web Tier Package.
You can configure a Web Tier to use a Replica, but you cannot configure that web Tier on a Replica, it will clearly tell you when you try.
thanks jay
No. A web-tier can only be configured to interact with a single deployment. It will distribute requests between all the primary and replica servers in that deployment (when possible), but user logins to web-tiers are directed at a single deployment. To support multiple AM deployments, the web-tier would have to figure out which login ID should be associated with a particular back-end deployment. It would also be complicated to manage because many times web-tiers are automatically patched by the primary server to which they're connected. If one of your AM deployments was at a different version, this could cause an incompatibility between the web-tier and some of your AM deployment servers.