您可以透過將目錄與多個連接器執行個體相關聯,然後設定目錄的同步連接器清單,藉此設定目錄同步的高可用性。同步連接器清單中的連接器會以容錯移轉順序排列。VMware Identity Manager 服務會使用清單中的第一個連接器來同步目錄的使用者和群組。如果第一個連接器無法使用,則會使用清單中的下一個連接器,依此類推。

Each directory has its own Sync Connectors list.

As a best practice, set up your deployment in a way that the same connector does not sync multiple directories at the same time. You can use the following strategies.

  • Use a different set of connectors for different directories.
  • If you use the same set of connectors in the same failover order, schedule the sync at different times for each directory.
  • If you use the same set of connectors for multiple directories, set a different failover order for each directory so that sync does not fall back to the same connector.

This feature is available beginning with the VMware Identity Manager 19.03 on-premises release. To use this feature, upgrade all connectors to version 19.03.0.0, then follow this procedure to set up the Sync Connectors list. Take into account the following situations.

  • For existing directories, the Sync Connectors list is empty. Until you configure the Sync Connectors list, the connector that was originally configured for the directory continues to be used for sync and no fallback is available if the connector fails.
  • New directories created in an upgraded or new environment have one connector listed in the Sync Connectors list. This connector is the one you selected as the sync connector while creating the directory.
重要: 此功能僅適用於 VMware Identity Manager 內部部署安裝。在 VMware Identity Manager 雲端部署版本中無法使用。

必要條件

  • 您已安裝和設定額外的連接器執行個體。請參閱《安裝和設定 VMware Identity Manager Connector 19.03.0.0 (Windows)》中的安裝和設定額外的 VMware Identity Manager Connector 執行個體
  • VMware Identity Manager 服務相關聯的所有連接器必須都是版本 19.03.0.0 或更新版本。如果任何連接器為較舊版本,則目錄的 [同步設定] 頁面不會顯示 [同步連接器] 索引標籤。

程序

  1. 將新的連接器執行個體與目錄的 Workspace IDP 相關聯。
    1. VMware Identity Manager 主控台中,按一下身分識別與存取管理索引標籤。
    2. 在出現的 [目錄] 頁面中,按一下您想要設定高可用性的目錄。
    3. 目錄同步與驗證區段中,按一下 WorkspaceIDP 連結。
    4. 在 WorkspaceIDP 頁面中,捲動到連接器區段,從下拉式功能表選取每個新的連接器執行個體,然後按一下新增連接器
    5. 按一下儲存
  2. 按一下目錄索引標籤,然後按一下目錄名稱。
  3. Click Sync Settings.
  4. Click the Sync Connectors tab.
  5. Select the connector instances to be used to sync users and groups for this directory.
    1. From the Select a Connector list, which displays all the connectors added to the service, select a connector and click the + icon.
      The connector is added to the Sync Connectors list.
    2. Add all the connectors that you want to use for sync to the Sync Connectors list.
    3. In the Sync Connectors list, arrange the connectors in failover order by using the up and down arrow keys.
      To perform a directory sync, VMware Identity Manager tries to use the first connector in the list. If the first connector is unavailable, it tries to use the second connector, and so on.
      For example:
      Sync Connectors tab screenshot

  6. Click Save.

結果

The list of sync connectors for the directory is saved and is applied from the next sync onwards.

You can view which connectors were used for sync in the Sync Log tab of the directory page.

For example:


Sync log screenshot