There is nothing on the SSO side for this configuration this task is setup from the RSA Authentication Manager before generating the sdconf.rec failover.dat
Summary of steps: - For further details review the RSA documentation
Communication between the authentication agents and RSA Authentication Manager form the RSA Security Console. Generate a zip file (AM_Config.zip) which contains the RSA Authentication Manager configuration file, sdconf.rec. and failover.dat. These files contain what is needed for failover
1.In the Security Console, click Setup > System Settings.
2.Under Authentication Settings, click Agents.
3.On the Agents page, click the link to configure IPv6 agents. The IPv4/ IPv6 Agents page is displayed.
4.In the Authentication Servers section, do the following:
•Select All Instances to allow the IPv4/IPv6 agent to communicate with any primary or replica instance in the current deployment. The agent can select any instance for authentication requests, and any NIC configured for the selected instance.
•Select Specified Server Names or Addresses to choose the fully qualified hostnames or IP addresses of specific instances, or a DNS name that resolves to a list of instances. In the Hostname or IP Addresses field, you can add or remove entries from the list of fully qualified hostnames and IP addresses. RSA strongly recommends entering more than one instance. Multiple
Procedure to generate AM_Config.zip (sdconf.rec and failover.dat)
1.In the Security Console, click Access > Authentication Agents > Generate Configuration File.
2.From the Maximum Retries drop-down menu, select the number of times you want the authentication agent to attempt to establish communication with Authentication Manager before returning the message “Cannot initialize agent - server communications.”
3.From the Maximum Time Between Each Retry drop-down menu, select the number of seconds that you want to set between attempts by the authentication agent to establish communications with Authentication Manager.
4.Click Generate Config File.
5.Click Download Now, and save AM_Config.zip to your local machine.
Copy AM_Config.zip, containing the sdconf.rec file and the failover.dat file, to each agent host.
Windows 64 bit: - documentation will be updated
The Policy Server only needed these files....The following files need to be present under’
CA SSO Installer already placed the aceclnt.dll ii. sdmsg.dll appropriately
Manually copied over from RSA Manager after generating the sdconf.rec to <policy_server installation_dir>/lib folder additionally, the VAR_ACE and USR_ACE variables are pointing to the <policy_server installation_dir>/lib