Repository How to Guide

From Swivel Knowledgebase Wiki

Contents 1 Overview 2 Configuration Considerations 3 What is a Repository? 4 Removing a Repository? 5 Working with Active-Active Configurations 6 Troubleshooting

Overview

Configuration and use of the PINsafe Repository

Configuration Considerations

During initial configuration, it is recommended to use an Internal XML repository, this can be removed later if required.

When using an external database such as MySQL, ensure all PINsafe servers are set to the same timezone before installation of PINsafe, and once set that timezone should not be altered as it will invalidate the PIN number decryption. When setting the time zone restart the database i.e. for internal restart PINsafe or MySQL for appliances.

What is a Repository?

A repository is a data source of information. Each set of repositories must have a unique name and contain unique usernames. The various forms of repository are:

XML Repository: A data source stored and entered on the PINsafe server. There can be only one XML repository on each PINsafe server

Active Directory Repository: AD groups can be configured as data sources. Multiple AD servers and groups can be configured, the Global Catalogue can also be used.

LDAP Repository: LDAP groups can be configured as data sources. Multiple LDAP servers and groups can be configured.

SQL Repository: SQL groups can be configured as data sources. Multiple SQL servers can be configured. PINsafe needs to know in which fields the data is stored, so a java class is written to read the database, contact Swivel Support.

Removing a Repository?

A repository is removed when all the members of that repository have been deleted and then the repository is deleted. If users are left in the repository then the repository will be visible in the User Administration. If the repository is deleted with users remaining, then it will still be visible in the User Administration as an orphaned repository.

To remove the Repository completely on the PINsafe Administration Console:

• Select Repository/Servers and set the Delete Users with Server to Yes

To remove an orphaned repository:

• Recreate the repository with exactly the same name and then remove it with the set the Delete Users with Server to Yes

Working with Active-Active Configurations

In an Active-Active configuration the data data is written into an external database or Data Store. It is recommended that only one PINsafe server reads the repository data source at any one time. Each repository and username must be unique, for example an admin user cannot exist on the XML database in both the primary and secondary PINsafe servers. Below is a recommended configuration for Active-Active-DR-DR PINsafe servers using internal repositories:

Server	Repository Name	Admin name
Primary PINsafe server	primary_local	primary_admin
Secondary PINsafe server	secondary_local	secondary_admin
DR1	dr1_local	dr1_admin
DR2	dr2_local	dr2_admin

XML users should be added onto the Primary PINsafe server, and with an external data store thay can be viewed on all PINsafe servers. If the primary PINsafe server is to be removed or taken down for a lengthy period then users can be added to the secondary server.

Troubleshooting

• Q. On the User Administration screen, I cannot select a repository. I can only see the text "repository_all" where the Repository drop down menu should be.
  • A. Ensure that you have not got the Shipping database selected on the Database -> General screen.