Failover deployment

    Failover deployment ensures high availability by running ADSelfService Plus on more than one server, so end users can access the product even if a server fails. In this setup, you configure one instance as the primary server and one or more instances as secondary servers. The primary server handles all requests while the secondary servers stay on standby. If the primary server becomes unavailable, a secondary server takes over and continues serving requests without manual intervention.

    How this works

    Failover deployment in ADSelfService Plus groups the primary and secondary servers behind a single access point. As a result, end users always reach the active server through one address, no matter which server is currently active. At any given time, only the active server serves requests; the other servers remain on standby. All servers share one database, so each server works from the same data.

    The type of access point you use depends on whether the servers are on the same subnet.

    • When the servers are on the same subnet, end users connect through a virtual IP, which can be optionally mapped to a virtual hostname. During failover, the virtual IP automatically binds to the standby server that takes over.
    • When the servers are on different subnets, a virtual IP cannot be assigned. You will have to use a virtual hostname instead.

    When the active server experiences sustained downtime, a standby server becomes the new active server and resumes handling end-user requests. How traffic reaches the new server depends on the access mode. With a virtual IP, the IP automatically binds to the new active server. With a virtual hostname, end users reach the new server through that hostname. Because the standby server already shares the primary server's database, no data is lost during the takeover.

    Scheduled jobs run on the primary server by default. If the primary server fails, scheduled jobs run on the server that takes over as the active server. You can identify the current active server on the Failover tab.

    Deploying a failover architecture in ADSelfService Plus.

    Fig.1: Deploying a failover architecture in ADSelfService Plus.

    Prerequisites

    Before you configure failover deployment, ensure your environment meets the following requirements.

    • Permissions: Administrator access to the ADSelfService Plus console. The account that runs the product service needs operating system privileges to bind and unbind the virtual IP when the servers are on the same subnet.
    • Edition: You can implement failover deployment only through the Failover and Secure Gateway Services add-on. Visit the store to purchase it.
    • Number of servers: At least two ADSelfService Plus servers — one primary server and one or more secondary servers.
    • Product version: All servers must run the same ADSelfService Plus build version and build architecture (32-bit or 64-bit).
    • Service: Each ADSelfService Plus instance must run as a service.
    • Database: Use an external database (PostgreSQL or Microsoft SQL) for failover. The secondary servers use the database configured on the primary server. The built-in PostgreSQL database can cause a database connectivity failure if the primary server goes down, which renders the product non-functional.
    • Shared resources: Every server in the setup must be able to access all configured directories, the external database, and product-related files.
    • Network: The product port (default 9854) must be open and reachable on all servers. Every server must use the same port as the primary server. The failover service communicates over a separate port (default 7800), so ensure no firewall or antivirus blocks it between servers. If the access URL requires HTTPS, enable HTTPS on all servers.

    Limitations

    The following constraints apply to failover deployment in ADSelfService Plus.

    • You configure and change failover settings only from the primary server.
    • Only one server is active at a time. The primary server serves all requests while the secondary servers remain on standby.
    • If the primary and secondary servers are on different subnets, you cannot use a virtual IP. Use a virtual hostname for the access URL instead.

    Configuration instructions

    To set up failover deployment in ADSelfService Plus, define the primary server, add the secondary servers, and set the access mode. Follow these steps.

    1. Log in to ADSelfService Plus as an administrator.
    2. Go to Admin > Enterprise Essentials > Failover and Secure Gateway.
    3. On the Failover tab, click Click to Configure.
    4. In the Deployment Mode field, select Failover.
    5. In the Primary Server section, confirm the Primary Server URL. ADSelfService Plus fills in the URL of the server you are currently accessing.
    6. In the Secondary Server(s) section, enter the Secondary Server URL of the instance you want to add as a secondary server. The port defaults to 9854.
    7. Enter the Admin Username of the secondary server.
    8. Enter the Admin Password of the secondary server.
    9. To add more secondary servers, click Add Secondary Server, then repeat the secondary server steps for each one.
    10. In the Access Mode section, configure how end users reach the active server. The fields you complete depend on whether the servers share a subnet. Complete either the same-subnet option or the different-subnets option below.
      1. Option A - Same subnet
        1. Clear the Primary and Secondary Servers are on Different Subnets checkbox.
        2. In the Virtual IP field, enter a single IP address that can reach both the primary and secondary servers.
        3. In the Virtual Hostname field, enter an alias for the virtual IP.
        4. The virtual IP automatically binds to the active server. You can map this virtual IP to a virtual hostname in the DNS.
      2. Option B - Different subnets
        1. Select the Primary and Secondary Servers are on Different Subnets checkbox.
        2. In the Virtual Hostname field, enter the virtual hostname.
    11. Click Configure. After the configuration succeeds, the secondary server restarts and joins the failover setup.
    Configuring settings for the failover deployment mode in ADSelfService Plus.

    Fig.2: Configuring settings for the failover deployment mode in ADSelfService Plus.

    Note: To use RADIUS authentication as an authentication method in the failover setup, configure every server on the RADIUS server with the same secret key. Use that secret key to enable RADIUS authentication.

    You can change the deployment mode from Failover to Load Balancing, or vice versa, using the Deployment Mode drop-down.

    Steps to promote a secondary server to primary server

    1. Log in to the secondary server.
    2. When the promotion prompt appears, click Promote Now.
      Handling primary server failure in a failover setup.

      Fig.3: Handling primary server failure in a failover setup.

    3. You will be redirected to the Failover configuration page.
    4. Review the list of available standby servers.
    5. Click Promote as Primary for the secondary server that you want to promote.
    6. The selected server becomes the new primary server and continues serving requests.
    Note: Promote a secondary server only when the primary server is unavailable and cannot be restored.

    Secondary servers configured in load-balancing deployments can be promoted to the primary role.

    Removing the failover configuration

    You can either drop a single secondary server from the setup or dismantle the failover configuration entirely. Like all other configuration changes, both actions can only be performed from the primary server.

    To remove a secondary server:

    1. On the configuration page, hover over the entry for the secondary server you want to remove and click the remove icon.
    2. When the confirmation prompt appears, confirm the action. The secondary server is then dropped from the failover setup.
    Note: If a secondary server is offline when you remove the configuration, decommission that server manually afterward to avoid leaving it in an insecure state.

    To remove the entire failover configuration:

    1. Click Remove Configuration to tear down the complete failover setup.
    2. Once removal finishes, the primary server restarts and the secondary servers are no longer reachable.

    Tips

    • Point end users and the ADSelfService Plus login agent at the virtual hostname rather than an individual server name, so that access continues after a failover without any client-side reconfiguration.
    • If you restrict admin console access by IP address, add the virtual IP to the allowed list so the console stays reachable after the virtual IP binds to a standby server. You will find this setting under Admin > Logon Settings > General.
    • Because every server must run the same build, update secondary servers in the same maintenance window as the primary server. Staggered updates leave servers on mismatched builds, which blocks the failover setup until the versions match.
    • For a deployment that distributes traffic across active servers instead of keeping standby servers passive, see load balancing for ADSelfService Plus.