Planning for high availability and disaster recovery
Implementing high availability is about ensuring that services are always available. Disaster recovery is the process of restoring the IBM® Security Access Manager for Enterprise Single Sign-On service to a production state in the event of an outage.
Scenarios when AccessAgent connects to the IMS Server
- Post-installation
After AccessAgent is installed, AccessAgent connects to the IMS Server to download certificates, AccessProfiles, policies, and other system data.
- Sign-ups
When new users sign up to register new accounts, secrets, and authentication factors.
- Logons
  When users log on, AccessAgent connects to the IMS Server to:
  - Check whether the account or the authentication factor has been revoked.
  - Download or synchronize system and user data.
  - Verify the authorization code for second factor bypass.
- Unlocks
  When the ESSO GINA is unlocked, AccessAgent connects to the IMS Server to:
  - Check whether the account or the authentication factor has been revoked.
  - Download or synchronize system and user data.
- Synchronization
AccessAgent periodically connects to the IMS Server to synchronize system, machine-specific, and user-specific data with the IMS Server. The configurable synchronization time interval is set to 30 minutes by default.
- Single sign-on credential capture
When using single sign-on to submit a newly captured credential to the IMS Server.
- Logging
When AccessAgent submits an event audit log to the IMS Server.
- Password change
When changing the ISAM ESSO password.
Functions that are not available when the IMS Server is not available
- New user sign-up.
- Logon from workstation without cached Wallet.
- Logon with second factor bypass or second factor registration.
- Change of the ISAM ESSO password.
- Upload and distribution of new and updated AccessProfiles.
- Access to AccessAdmin.
- Access to AccessAssistant and Web Workplace.
High availability
- Client-side high availability
- If the IMS Server is not available, AccessAgent can remain functional because AccessAgent caches system data in a machine Wallet and user data in individual cached user Wallets.
- When the server is offline, AccessAgent can continue to authenticate users with one or two authentication factors by using the authentication data that is cached on the computer.
- AccessAgent can provide single sign-on for the user when the server is offline by using the cached ESSO user Wallet.
- If the user forgets the password or the authentication factor, IBM Security Access Manager for Enterprise Single Sign-On provides various ways for users to regain access to the user Wallet. For example, the user can reset the password through self-service secrets even if the IMS Server is offline.
- Database high availability
IBM Security Access Manager for Enterprise Single Sign-On relies on industry-standard databases for additional storage. Enterprises can reuse the existing data-tier infrastructure for high availability, recovery, and maintenance.
- Directory server high availability
- IBM Security Access Manager for Enterprise Single Sign-On does not store any data on the enterprise directory (IBM Security Access Manager for Enterprise Single Sign-On does not require any directory schema extensions) and does not connect to the directory server for most single sign-on scenarios.
- IBM Security Access Manager for Enterprise Single Sign-On relies on the directory server to verify user identities during sign-up. If password synchronization is configured, IBM Security Access Manager for Enterprise Single Sign-On also connects to the directory server when performing password reset and password synchronization.
- To ensure high availability, configure the virtual member manager component of the WebSphere® Application Server to communicate with any Active Directory domain controller instead of a specific domain controller.
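The following Python model is an added illustration, not IBM code, of the behaviour described in the scenario list above and under client-side high availability: a client keeps a cached Wallet per user, authenticates from it when the IMS Server is unreachable, and refuses the operations the page lists as unavailable offline. The class names, the PBKDF2 verifier, and the fake clock are assumptions made for the model; the 30-minute synchronization interval is the default stated on the page. The point the model makes visible is that a revocation performed on the server while the client is offline is not seen locally until the next successful synchronization, so the cache bounds revocation latency by the time since the last sync.

```python
"""Model of AccessAgent-style client-side caching (hypothetical; not ISAM ESSO code).

Shows which operations still work when the IMS Server is unreachable and why
an offline cache bounds revocation latency by the synchronization interval.
"""
import hashlib
import hmac
import os
import time
from dataclasses import dataclass

# Operations the documentation lists as unavailable without the IMS Server.
SERVER_REQUIRED = {"sign_up", "second_factor_bypass", "password_change",
                   "accessprofile_upload", "accessadmin"}

SYNC_INTERVAL_SECONDS = 30 * 60  # default synchronization interval from the page


def _verifier(password: str, salt: bytes) -> bytes:
    """Constructed stand-in for a cached password verifier (PBKDF2-HMAC-SHA256)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 50_000)


@dataclass
class WalletRecord:
    user: str
    salt: bytes
    verifier: bytes
    revoked: bool = False
    last_sync: float = 0.0  # when this copy was last confirmed against the server


class ImsServerModel:
    """Authoritative user store; `online` toggles simulated reachability."""

    def __init__(self):
        self.users = {}
        self.online = True

    def register(self, user, password):
        salt = os.urandom(16)
        self.users[user] = WalletRecord(user, salt, _verifier(password, salt))

    def revoke(self, user):
        self.users[user].revoked = True

    def fetch(self, user):
        if not self.online:
            raise ConnectionError("IMS Server unreachable")
        return self.users.get(user)


class AccessAgentModel:
    """Client with a per-user cached Wallet, consulted when the server is down."""

    def __init__(self, server, clock=time.time):
        self.server = server
        self.clock = clock        # injectable so tests can advance time
        self.cache = {}           # user -> WalletRecord (the cached Wallet)

    def sync(self, user):
        """Refresh the cached copy; raises ConnectionError when offline."""
        rec = self.server.fetch(user)
        if rec is None:
            return None           # server does not know this user
        self.cache[user] = WalletRecord(rec.user, rec.salt, rec.verifier,
                                        rec.revoked, self.clock())
        return self.cache[user]

    def logon(self, user, password):
        """Return (granted, mode); mode is 'online' or 'offline-cached'."""
        try:
            wallet, mode = self.sync(user), "online"
        except ConnectionError:
            wallet, mode = self.cache.get(user), "offline-cached"
        if wallet is None or wallet.revoked:
            return False, mode    # no cached Wallet, or revocation already seen
        ok = hmac.compare_digest(_verifier(password, wallet.salt), wallet.verifier)
        return ok, mode

    def can_perform(self, operation):
        """Operations the page lists as needing the server fail while offline."""
        return self.server.online or operation not in SERVER_REQUIRED

    def seconds_since_sync(self, user):
        """Upper bound on how long a server-side revocation may have gone unseen."""
        rec = self.cache.get(user)
        return None if rec is None else self.clock() - rec.last_sync

    def missed_sync(self, user):
        """True when the cached copy is older than one synchronization interval."""
        lag = self.seconds_since_sync(user)
        return lag is not None and lag > SYNC_INTERVAL_SECONDS
```

Monitoring `seconds_since_sync` on the client, or the equivalent last-contact timestamp in the server's audit log, is the practical check: a cached Wallet that has not synchronized within the configured interval is one whose revocation state may be stale.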