Important Updates to Cybersecurity Software
HelpSystems is updating the names of our cybersecurity software, including the Powertech product line. Don’t worry—the functionality of your products won’t change.
See the new names here > New, Simpler Names for HelpSystems Security Software.
To successfully install any Powertech products in a High Availability (HA) environment, the Powertech product must be installed on the HA system before the production system.
This is necessary because replication software could be setup with global settings to replicate non-library objects such as user profiles, authorization lists, IFS directories, etc. Many of the Powertech products check for the existence of these objects (especially user profiles) prior to the installation and will not install if these objects already exist.
Note: During the installation process, Authority Broker registers its exit program to its associated exit point – POWERLOCK_AB. Without the exit program registration, Authority Broker profile switches will fail.
Authority Broker has two user profiles PLABADM and PLABOWN.
Authority Broker has these authorization lists: POWERABADM, POWERABDTA, POWERABFL, POWERABFO, POWERABPGM and POWERABRPT.
Note: If the user profiles or authorization lists exist, replication of these objects must be inactivated on the production system. Delete these user profiles and/or authorization lists on the HA system then install Authority Broker per the installation instructions.
After installing Authority Broker on your target (HA system) and source (production system), you will need to replicate certain files and authorization lists (including filters) to the HA system.
Note 1: User Profiles and their appropriate message queues setup in Authority Broker must either be replicated or created on the HA system before Authority Broker can be used on the HA system. User Profiles are used in the swap process and message queues are used in the Alert Method. Check the 'System User to Switch Profiles' settings for this information.
Note 2: Exit Programs, when using before or after exit programs in Authority Broker; these objects (ie - programs, files, etc) need to be replicated to the HA system. Use the Work with Product Exits Menu to see whether exit programs are used.
Note 3: All Event reporting will be from the date/time of the role swap on the HA system. Authority Broker uses the system’s QAUDJRN (IBM system journal). QAUDJRN cannot be replicated between systems. All Event reporting will be from the date/time of the role swap on the HA system.
Synchronization of the objects will need to be done on the individual object. Never use ‘Library Synchronization’ feature of the HA product as it will clear the product’s library and replicate just the objects that are defined to be replicated.
We have seen that Library Synchronization has caused issues that require the product to be uninstalled and reinstalled.
The journal PWRJRN in PTABLIB is used to capture changes to Authority Broker setup and configuration. Powertech recommends using this journal to replicate the changes between the production and HA system. This may require special setup with the replication software, an example would be that a separate ‘Data Group’ would be required in a product such as Mimix.
Add ‘Include’ filters for the authorization lists listed below:
Setup replication software to include the following files to be replicated to the HA system in order to provide the profile swap setup, alert methods, exit programs, firecall setup and other information.
Add an ‘Include’ filter for the files listed below:
Note 1: The files PAMSWPHDR, PAMSWPLOG and PABWSD are the swap history and screen capture files. These files have been removed from the inclusion list because we have observed that replication software can have locks on these files on the HA system when Authority Broker is a ‘Live’ active product. These files may be replicated if, and only if, Authority Broker will be used only on the HA system after the role swap.
Note 2: The files PAMSWPHDR, PAMSWPLOG and PABWSD have trigger programs. Caution must be taken whenever this object is restored on a system or used in a HA environment. After these files have been restored or replicated, please verify that their triggers are correct.
Authority Broker version 4 has the ability to enter multiple licenses (press F7 – License List on License Setup screen). This allows you to enter the HA system’s license before the role swap so that you are not required to contact Powertech technical support for an emergency (temporary) key.
In the event that you are using multiple licenses, you will need to setup the following objects for replication.
Note: If you enter only the license for the product system, and have not added the license for the HA system, do not replicate this object. It may cause the license on the HA system to be invalid and you will need to contact firstname.lastname@example.org to request a new license key.
Still have questions? We can help. Submit a case to Technical Support.