Authenticating Additional Servers (DSA)

Multiple servers can provide a higher level of service for your BigFix installation.

If you choose to add Disaster Server Architecture (DSA) to your installation, you will be able to recover from network and systems failures automatically while continuing to provide local service. To take advantage of this function, you must have one or more additional servers with a capability at least equal to your primary server. Because of the extra expense and installation involved, you should carefully think through your needs before committing to using DSA.

Your servers can communicate with each other using the DB2 inter-server authentication option.

Before installing the additional Linux Servers, install the DB2 server on each machine that you want to add to your deployment. The version of the DB2 server must be the same as the DB2 server installed on the Master Server.

Using DB2 Authentication

With this technique, each Server is given a login name and password, and is configured to accept the login names and passwords of all other Servers in the deployment.

The password for this account typed in clear text is obfuscated in the configuration file on each server, after the restart of the FillDB service. To authenticate your servers using DB2 Authentication, follow these steps:
  1. Choose a single login name (for example, db2inst1), and a single password to be used by all servers in your deployment for inter-server authentication.
  2. On the Master Server, open the /var/opt/BESServer/besserver.config file.
  3. Add or modify the following keywords in the [Software\BigFix\Enterprise Server\FillDB] section:
    ReplicationUser = <login name>
    ReplicationPassword = <password>
    ReplicationPort = <DB2_port>
    ReplicationDatabase = BFENT
  4. Restart the FillDB service.
Note:
  • This choice must be made on a deployment-wide basis; you cannot mix domain-authenticated servers with DB2-authenticated servers.
  • ReplicationUser, ReplicationPassword, and ReplicationPort must be uniquely defined in all the server configuration files of your DSA environment.
  • All BigFix servers in your deployment must be running the same version of DB2 server.