Repository

From Swivel Knowledgebase
Jump to: navigation, search


Overview

Configuration and use of the Swivel Repository


Configuration Considerations

During initial configuration, it is recommended to use an Internal XML repository, this can be removed later if required.

When using an external database such as MySQL, ensure all Swivel servers are set to the same timezone before installation of Swivel, and once set that timezone should not be altered as it will invalidate the PIN number decryption. When setting the time zone restart the database i.e. for internal restart Swivel or MySQL for appliances.


What is a Repository?

A repository is a data source of information. Each set of repositories must have a unique name and contain unique usernames. The various forms of repository are:

XML Repository: A data source stored and entered on the Swivel server. Swivel 3.9 onwards supports multiple XML repositories, earlier versions support only one XML repository on each Swivel server

Active Directory Repository: AD groups can be configured as data sources. Multiple AD servers and groups can be configured, the Global Catalogue can also be used.

LDAP Repository: LDAP groups can be configured as data sources. Multiple LDAP servers and groups can be configured.

SQL Repository: SQL groups can be configured as data sources. Multiple SQL servers can be configured. Swivel needs to know in which fields the data is stored, so a java class is written to read the database, see SQL as a data source How To Guide.

ADAM Repository ADAM (AD-LDS) can be used as a data source, this has the potential to be writable source.

LDAP Writeable Repository LDAP can be used as a data source, this has the potential to be writable source.

Repostory Options

Delete users with server: Yes/No, default: No. If set to Yes and the repository is deleted, then users will be deleted as well. If set to No, then the associated users will not be deleted.

Allow user repository to change: Yes/No, default No. If set to yes then it will allow users whose repository changes, to change their repository in Swivel. If set to No, the user will remai in the existing repository.

Server to use to attempt to authenticate non-users: This provides a drop down list of repositories against which non Swivel users can be checked for authentication.


Removing a Repository?

A repository is removed when all the members of that repository have been deleted and then the repository is deleted. If users are left in the repository then the repository will be visible in the User Administration. If the repository is deleted with users remaining, then it will still be visible in the User Administration as an orphaned repository.

To remove the Repository completely on the Swivel Administration Console:

  • Select Repository/Servers and set the Delete Users with Server to Yes

To remove an orphaned repository:

  • Recreate the repository with exactly the same name and then remove it with the set the Delete Users with Server to Yes


Working with Active-Active Configurations

In an Active-Active configuration the data is written into an external database or Data Store. It is recommended that only one Swivel server reads the repository data source at any one time. Each repository and username must be unique, for example an admin user cannot exist on the XML database in both the primary and secondary Swivel servers. Below is a recommended configuration for Active-Active-DR-DR Swivel servers using internal repositories, to avoid confusion it is suggested that only one local XML repository be used for XML user data:

Server Repository Name Admin name
Primary Swivel server primary_local primary_admin
Standby Swivel server standby_local standby_admin
DR1 dr1_local dr1_admin
DR2 dr2_local dr2_admin

XML users should be added onto the Primary Swivel server, and with an external data store they can be viewed on all Swivel servers. If the primary Swivel server is to be removed or taken down for a lengthy period then users can be added to the secondary server.

Known Issues

Swivel 3.10 and 3.10.1, 3.10.2, 3.10.3 A user with an '_' in their name cannot bel deleted from the XML repository. Upgrade to 3.10.4.


Troubleshooting

  • Q. On the User Administration screen, I cannot select a repository. I can only see the text "repository_all" where the Repository drop down menu should be.
    • A. Ensure that you have not got the Shipping database selected on the Database -> General screen.