Authorization and Fault-Tolerant Servers

When authorization is enabled for a fault tolerant configuration, the connection between the EMS servers in the fault tolerant pair is also authenticated. The standby server connects to the active server as a user whose name is its EMS instance name.

Before enabling authorization, you must therefore create a user with the EMS Instance Name and assign it the password configured for the EMS server. This user must be deployed to both servers in the fault tolerant pair. If the standby server does not have this user configured, it cannot connect to or replicate data from the active server.

In Central Administration:

  • In the Users properties page, create a user with the EMS Instance Name.
  • In the Password field on the Server Properties page, make sure that the same password granted to the new user is assigned to server.

Create the user when the appliance is in the active-replicating state, using either Central Administration or the admin tool. The username must be the same as the EMS Instance Name.

Tip: The EMS Instance Name is configured during software initialization, and can be viewed using the setup-show command, or changed using the ems-config configuration setup command. Use the info command to view the server state.

After the new user has been deployed to both active and standby servers, you can enable authentication.

Note: If you enabled authorization before creating the EMS Instance Name user, or if the user was not deployed to the standby server when authorization was enabled, then the standby server will not be able to connect to the active server and will not be able to enter the replicating state. Disable authorization, then ensure that the user has been correctly created and replicated to the standby server before reenabling authorization.