@bmccraw
active 1 year, 3 months ago-
bmccraw commented on the post, Immutable Deployment Pattern for ForgeRock Access Management (AM) Configuration without File Based… 2 years, 7 months ago
I want to point out a discrepancy, in the article above, it says:
“Finally the last key component to this model is Affinity Based Load Balancing for the Userstore, CTS, App and Policy stores to both simplify
-
bmccraw replied to the topic How to configure OpenDJ replication topology for AWS Multi region replication in the forum Directory Services 3 years ago
I agree with @bill-nelsonidentityfusion-com‘s suggestion. I’ll also add a reminder to use a different replication group-id in each region to keep the DS servers connected to the local region’s RS server.
-
bmccraw replied to the topic Directory Services 5.5 – Security issue with locked accounts ? in the forum Directory Services 3 years, 2 months ago
Hi Sylvain,
We noticed the same thing and opened a ticket with support. Even though it’s not listed in the AM 6.0 changelog, we did verify they fixed it in AM 6.0. Although you can’t see the ticket anymore, this is the ticket support pointed us to for the fix OPENAM-11336
– Brandon
-
bmccraw replied to the topic Can you use the LDAP Proxy server to connect 2 data Centres in the forum Directory Services 3 years, 3 months ago
You mentioned there isn’t a way to disable schema replication, but in the documentation when upgrading replication servers, it mentions the
--noSchemaReplicationparameter specifically for a case like @richardabbottnhs-net is attempting. Would that flag not be applicable in this case for some reason? -
bmccraw replied to the topic Forgeops: Amster can't install OpenAM in the forum DevOps 3 years, 3 months ago
David,
Switching to the release/6.5.0 branch of forgeops seems to have fixed the issue. I’m able to get the XUI to load now. Thank you for the simple suggestion.
-
bmccraw replied to the topic Forgeops: Amster can't install OpenAM in the forum DevOps 3 years, 3 months ago
Thanks David. I did just notice it says to not run on the master branch of forgeops. I’ll switch now and see if that helps.
my minikube version is 0.31.0 so I think I’m ok with version compatibility.
-
bmccraw replied to the topic Forgeops: Amster can't install OpenAM in the forum DevOps 3 years, 3 months ago
Sure:
This is how I started my minikube environment:
minikube start --memory=8192 --disk-size=30g --vm-driver=vmwarefusion --bootstrapper kubeadm --kubernetes-version=v1.11.2 && minikube ssh sudo ip link set docker0 promisc onI’m on the master branch of forgeops.
-
bmccraw started the topic Forgeops: Amster can't install OpenAM in the forum DevOps 3 years, 3 months ago
I’m finally sitting down to play with forgeops and I can’t get it to work. I’ve got minikube up and running on my mac, I can deploy all the helm charts, but when the amster service attempts to execute the install-openam script, it fails with:
am> :load /opt/amster/scripts/00_install.amster[Read more]
Failed to execute the 'install-openam' command:… -
bmccraw changed their profile picture 3 years, 11 months ago
-
bmccraw replied to the topic User Search on Identity page in AM 6 in the forum Access Management 3 years, 11 months ago
@bill-nelsonidentityfusion-com I guess I need to spend some time on that now. It wasn’t a high priority yet. Guess that just changed. Thanks for confirming I wasn’t blind or having some error I wasn’t aware of.
-
bmccraw started the topic User Search on Identity page in AM 6 in the forum Access Management 3 years, 11 months ago
In Access Management 6, the Subjects page has been moved to the Identities page. Am I just blind, or is the search box missing from this page? I can’t find any way to manage my users through AM other than scrolling through page after page looking for the right account.
-
bmccraw replied to the topic Devops & AM Sites in the forum DevOps 3 years, 11 months ago
Ah! Thanks Warren. I’d seen clones mentioned but I never realized that’s what it meant. Good to know sites aren’t necessary for multi-server deployments and that we didn’t implement a poor solution.
-
bmccraw started the topic Devops & AM Sites in the forum DevOps 3 years, 11 months ago
I’ve worked with multi-server architectures in AM for a while now, but I’ve never configured them in a site. Each server is configured as “openam” so they essentially all shared the exact same configuration (stored in an external DS). Am I missing some benefit of sites?
I’m using the AWS Application Load Balancer, so I can’t configure it to…[Read more]
-
bmccraw replied to the topic Affinity Load Balancing behind an AWS Network Load Balancer in the forum DevOps 4 years, 4 months ago
Finally found confirmation that affinity routing isn’t supported on the userstore backend. Looks like it’s being worked on though. https://bugster.forgerock.org/jira/browse/OPENAM-12184
-
bmccraw started the topic Affinity Load Balancing behind an AWS Network Load Balancer in the forum DevOps 4 years, 5 months ago
Hi everyone,
I’m looking for some help understanding an architectural assumption. We setup OpenAM (v5.5) to communicate with an OpenDS (v5.5) proxy using the affinity load balancing algorithm through an AWS Network Load Balancer (NLB). Behind the OpenDS-Proxy are separate servers for both user and CTS storage on separate baseDNs. The…[Read more]
