How to setup a new DSA when your DSA(s) were deployed using DXManager

Document ID : KB000044725
Last Modified Date : 14/02/2018
Show Technical Document Details

Introduction:

How to add a new CA Dir DSA when it was deployed using DXManager.

 

Instructions:

From DXManager

- On top, righ-side, click on Configuration button

- Click on Export Version and save the XML file, it will be used in the next step

dxmanager-Configuration2.PNG

 

 

From new CA Dir Server

- To setup the trust between the machines, run the command below

dxadmind setup <dx:TrustedHost> <dx:Port> <dx:Password>

 

The values for <dx:TrustedHost> <dx:Port> <dx:Password> you can find in the XML file exported previously, see 'From DXManager' section above.

 

- Check if the service dxadmind exists

- If it exists, skip to the next section 'From the current DSA machine'

- Open command line and run the command:

- dxadmind install dxadmind

- To start, dxadmind start

- To stop, dxadmind stop

- Check if it is running with: dxadmind status

 

 

From DXManager

- Select Maps tab and from View 'Topology'

- With the Topology View

- Select your Site, right-click and select "Add a new host to the site" option

dxmanager-addNewHostToThisSite.PNG

- In General tab, set the Name of this DSA, usually, the hostname, you can edit it at any moment

- In Connections tab, set the Network Address, the FQDN or IP Address, and click Add button

- In Security tab, if the other DSA(s) is/are setup to use SSLv3, click on Override button beside of Protocol and change it.

- Click Ok button

- Click on the new Host, right-click and select the option "Instantiate a new partition to this host" -> "As a Data DSA"

dxmanager-InstantiateNewPartition.PNG

- Click Next and check if all configuration are ok, Ports, Namespace, Host.

- Click Finish button

 

- If you have Router, setup the router as needed.

 

- Check if the dxadmind is running in all CA Dir machines 'dxadmind status', if not, start it with command 'dxadmind start'

- From DXManager, right-click on your Backbone and select 'Stop all DSAs within the backbone' and click Yes

dxmanager-StopAllDSAs.PNG

- Backup the folder DXHOME/config from all DSAs in case you need to restore it

- From one CA Dir machine, run the command below to generate new certificates.

    dxcertgen -d 3650 certs

 

- You do not need to run the command in all CA Dir machines

- Copy the following files from current machine to all other CA Dir machines.

 

    DXHOME/config/ssld/trusted.pem

DXHOME/config/ssld/default.dxc

    Copy all files from DXHOME/config/ssld/personalities to the other machines

 

- If you have custom schemas, also, copy the files from DXHOME/config/schema to the new machine

- If SSL is enabled, check the #ssl section from the file below, from the working DSA to the new DSA.

DXHOME/config/servers/<DSA-Name>.dxi

 

- From DXManager, right-click on your Backbone and select 'Start all DSAs within the backbone' and click Yes

dxmanager-StartAllDSAs.PNG

- On top, righ-side, click on Configuration button

- Click Save and give it a name

- Click Deploy

dxmanager-Configuration2.PNG

 

Additional Information:

If you have any problem with MultiWrite or communication problem, check the following

 

- From each DSA machine run the command 'dxadmind help'

- Check the 'Config Version' has the same version in all DSA machines

 

- If it does have the same version, do the following:

- stop dxadmind from three machine and DXwebserver service 

- start dxadmind from three machine and DXwebserver service 

- double check the 'Config version'

 

 

If the problem still persist, open a case with CA Support, and attach the following files as follow

- From DXManager, right-click on Backbone, and Stop all DSAs

- Delete or remove the log files from the day, DXHOME/config/logs, of each machine

- From DXManager, right-click on Backbone, and Start all DSAs

- Run the command 'dxadmind help' of each DSA machine, take a screen shot or output file

- After about 5-10 minutes collect the DSA logs, DXHOME/config/logs, of each DSA machine.

- From DXManager, on top, righ-side, click on Configuration button

- Click on Export Version and save the XML file

 

- Generate the dxinfo for each DSA machine as follow:

- Create a temp folder, and navigate to this temp folder

- Run the command 'dxinfo -x logs'

- Compress this temp folder of each DSA machine

 

Send the DXHOME/config/logs and dxinfo files of each DSA, and the XML file