Failover servers can be setup so that in the event of the following they can take over the role of the Management Server:
- A connection, hardware or environment failure.
- Decommissioning a Management Server.
- Conducting an update.
- Overhauling a Management Server.
When installed on managed endpoints the Deployment Agent downloads the list of servers and maintains the list as a reference. If a Management Server is unavailable, the managed computer refers to the list and attempts to register with the next available server. The list of servers consists of one or more URLs. You can specify a server using the server NetBIOS name, the fully qualified domain name or the IP address.
The failover servers can be maintained in a:
- Global default list, which applies to all deployment groups.
- Custom deployment group list, which can be set to override the default list.
The global or default list of failover servers is maintained in the following location of the Management Console:
Home >Global Settings> Failover Serverstab
This tab allows you to add and remove failover servers. The list of servers is shown in order of priority. To change the order use the Move Up and Move Down options in the Actions panel. To validate connections, select Diagnostics Enabled, to set a diagnostics check prompt on any client computer connecting with a particular server. By default, the Server is enabled but the Server Enabled option allows you to disable the server to prevent further connections.
When the Deployment Agent successfully registers with a Management Server, the URL of the server is added to the server list if the URL does not already exist. This ensures the Deployment Agent never loses contact with the Management Server. A URL can be removed from the list of servers to which Deployment Agents connect, by deselecting the URL Enabled option.
Failover Servers List
The Management Server list includes the options shown in the following table:
|Server||The URL address of the failover server. Displayed in one of the following formats and may also include port specifications:
|Diagnostics Enabled||Not selected by default.
When selected for Management Servers, all
connecting Deployment Agents on managed computers perform self-tests
at startup and on request to ensure that connectivity is available.
Deployment Agent self-tests report events to
the Management Server, except in the case of connectivity issues
or failure, and also reports to the local Windows Event Log.
Deployment Agent self-tests check the following:
|Server Enabled||Selected by default. When selected, the server is available. When deselected, the server is unavailable for any further connections. Client computers automatically redirect to the next available server in the list. This can be used when decommissioning a server by preventing Deployment Agents connecting to the server.|
- Add Server — Launches the Add Failover Server dialog. Enter a URL or browse for a server to add to the list. Select the Connection Type, HTTP or HTTPS, and the connection port.
Remove Servers — Removes selected Servers from the list of failover servers.
Any servers removed from the servers list which are still listed by Deployment Agents on managed computers registering with the server, can be added back into the list automatically. To avoid this occurring, it may be necessary to disable redundant or decommissioned servers until all managed computers have been updated with the correct list of available servers.
- Move Up — Moves the selected server to a higher position in the list and in the order of priority.
- Move Down — Moves the selected server to a lower position in the list and in the order of priority.
- Test Server Connection — When selected, the Management Server performs a connection test to each selected server in the list and reports any successes or failures.
The credentials are used by the Management Server to authenticate access to the clients when installing the Deployment Agent. These credentials must be supplied before attempting to install the Deployment Agent on any endpoint via the Management Console.
The Global Settings Access Credentials apply to all Deployment Groups by default, unless specific credentials have been defined within a specific Deployment Group. In this case, the Deployment Group’s Access Credentials override the default global Access Credentials.
The credentials are attempted in the order listed, to change the order use the Move Up and Move Down options.
To add new credentials, enter a user name and password and click Add. The credentials are stored in the database, the Server Configuration Portal (SCP) creates an RSA public-private key pair that is stored in the Microsoft Cryptographic Provider of the server. This key is used to encrypt and decrypt the credentials stored in the database and therefore secures the information.
Managing the Global Access Credentials
- Select the Home button in the navigation pane.
- Select the Global Settings node.
- Select the Access Credentials tab.
Do one or more of the following:
- To add a credential enter a User name and password, select Add.
- The credentials are entered into the list below.
- To remove a credential, highlight the required credential and select the Remove button.
- To order credentials in the list highlight the required credential and select the Move Up or Move Down buttons until in the preferred order.