In most failure scenarios, you can fail back to the primary data center once that data center is functioning again.

Procedure

  1. Modify the global load balancer or the DNS record to point to the load balancer in the primary data center.
    See Using a DNS Record to Control Which Data Center is Active.
  2. Clear the cache in the secondary data center.
    Run the following REST API from a REST client such as Postman:

    PATH: /SAAS/jersey/manager/api/removeAllCaches

    Method: POST

    Add Headers: 

    Authorization: HZN <cookie_value>
Accept: application/vnd.vmware.horizon.manager.cache.removal.response+json
Content-type: application/vnd.vmware.horizon.manager.cache.removal.request+json’

    Add in Body (raw) section: 

    {
"cacheNames":[]
}
    Note:
    • You must run the API as the tenant administrator, that is, the administrator created in the System domain when you install Workspace ONE Access. Domain accounts synced from your enterprise directory cannot perform this function.
    • You can obtain the HZN cookie by logging into the Workspace ONE Access service as the tenant administrator, then accessing your browser's cookie cache.
    • Empty cacheNames indicates remove all caches.

    Another way to clear cache is to reboot the virtual appliances.

  3. Restart all connector instances to reestablish the communication channel.

    For 20.01 and later connector instances, restarting the connector instances means restarting all the installed enterprise services, such as VMware User Auth Service, VMware Directory Sync Service, and VMware Kerberos Auth Service, on each connector instance.