To maintain a hot standby MOVEit Automation system, MOVEit Automation can be used to replicate its own configuration files to a standby MOVEit Automation server. The process involves setting up a secondary MOVEit Automation server running the same version. The primary server will be used to periodically copy its configuration to the secondary server. The MOVEit Automation service on the secondary server is normally disabled, and will only be enabled when the administrator needs to utilize the secondary server after a critical problem on the primary, for example, and is sure that the MOVEit service is not running on the primary server.
Note: It is crucial that the MOVEit Automation service is never run on the primary and secondary at the same time to avoid the same tasks running from two servers at the same time. You must ensure that the service on the non-active server is not running, and is disabled so that it will not start on re-boot or accidentally.

Moving files to the secondary server via MOVEit Automation can be done several ways, and is user specific. Microsoft UNC shares, FTP, SFTP, FTPS, etc., could all be used. For the purposes of this explanation, we will use a UNC share.

Note the solution described here only automates the copying of the configuration from the primary server to the secondary. It does not perform the actual failover process. This is not an automatic failover solution. If you require this, contact Progress to discuss MOVEit Automation Failover, which can be added to your MOVEit license.

Note also that the solution described in this page does require a disaster recovery license for MOVEit Automation for the secondary server.

NOTE: In order for replication of the configuration files to work properly, both systems must be running the same version of MOVEit Automation . Also, there must be a network connection between the two servers.

Setting Up Replication

This procedure sets up configuration replication between a production MOVEit Automation server (primary) and a hot standby MOVEit Automation (secondary).

  1. Install MOVEit Automation on the secondary server. Stop the MOVEit Automation service and set the start method to MANUAL.
  2. The rest of this page assumes you have enabled a way to write to the file system of the secondary server that MOVEit Automation supports, either via UNC, or some type of FTP server. It assumes you can write to the equivalent MOVEit directories on the secondary server that you copied data from on the primary server. In this example, we will use a UNC share on the secondary server that directly points to the MOVEit Automation directory. Your configuration may be different.
  3. On the primary MOVEit Automation, create a Certs Backup task to back up client certificates.
    1. Create a new task with a process, destination and schedule (no source).
    2. Add a PER-TASK process that runs the Certs Backup built-in script.

      Use the default output filenames CertsPersonal.pfx and CertsOtherPeople.p7b. Specify a password for the output PFX files.

    3. Add a destination that copies the file to \Program Files\MOVEit\MOVEitAutomation.
    4. Add a schedule to run the task periodically every day.
  4. On the primary MOVEit Automation. create a Certs Restore task to restore client certificates.
    1. Create a new task with a source, process and destination (no schedule).
    2. Add a source that loads Certs*.pfx and Certs*.p7bfrom \Program Files\MOVEit\MOVEitAutomation.
    3. Add a PER-FILE process that runs the Certs Restore built-in script. Specify the same password used by the above task.
    4. DO NOT schedule the task. This task will not be run under normal circumstances; it will be run manually by operator after a failover, on the newly-promoted primary node.
  5. Copy the registry key, HKEY_LOCAL_MACHINE\Software\Standard Networks\MOVEitCentral\Keymat, from the primary node to the secondary node. Do not copy any additional registries from this directory at this time as doing so is unnecessary. This key only needs to be copied once per MOVEit release. It does not need to be part of the scheduled automatic configuration copy. Note that MOVEit Automation on the secondary server will not be able to read the configuration file without the keymat registry key and its children from the primary server.
  6. Create MOVEit Automation tasks that copy the MOVEit Automation configuration from the primary server to the secondary server.

    We will use a UNC host as an example. This assumes that there is a UNC share setup on the secondary server that points to the c:\program files\MOVEit\MOVEitAutomation directory, and that you have a user that can login with write permissions to that directory.

    1. Add a new UNC host that points to the UNC share on the secondary host that points to the MOVEitAutomation directory.
    2. Create and test a new Backup MOVEit Automation Config task:
      1. Add a local file system source.
      2. Choose the c:\program files\MOVEit\MOVEitAutomation\ folder.
      3. For files, enter: miccfg.xml;michash.xml;CertsPersonal.pfx;CertsOtherPeople.p7b
      4. For destination: use the UNC host that was created earlier, which points directly at the secondary server’s MOVEitAutomation directory.
      5. Run the task manually to ensure it moves the appropriate files. Do not enable the MOVEit Automation service on the secondary server at this point.
      6. Schedule the task to run as often as you require.
    3. Create and test a new Backup MOVEit Automation State Files task:
      1. Add a local system source that points to the c:\program files\MOVEit\MOVEitAutomation\StateFiles directory.
      2. Use *.* for files specification.
      3. Ensure that search subdirectories is checked.
      4. For destination, use UNC host created earlier, ensuring that you choose the StateFiles subdirectory on the secondary server. Also ensure that both Use relative subdirectories and Create directories if necessary are checked.
      5. Run the task manually to ensure it moves the appropriate files to the correct directory. Do not enable the MOVEit Automation service on the secondary server at this point.
      6. Schedule the task similarly to step 6-b-vi.
    4. Create and test a new Backup MOVEit Automation PGP Key Rings task:
      1. Add a local system source that points to the c:\program files\MOVEit\MOVEitAutomation\PGPPath directory.
      2. Use *.pgp for files specification.
      3. Ensure that search subdirectories is checked.
      4. For destination, use UNC host created earlier, ensuring that you choose the PGPPath subdirectory on the secondary server. Also ensure that both Use relative subdirectories and Create directories if necessary are checked.
      5. Run the task manually to ensure it moves the appropriate files to the correct directory. Do not enable the MOVEit Automation service on the secondary server at this point.
      6. Schedule the task similarly to step 6-b-vi.
  7. Test the entire procedure:
    1. On the primary server, stop the MOVEit Automation service. Use the MOVEit Automation Admin Shut Down Service command if tasks could be running.
    2. We recommend that you run this test on the secondary server with the scheduler turned off. To disable the scheduler before startup, check the Start with scheduler disabled box on the General tab of the MOVEit Automation configuration utility.
    3. On the secondary server, start the MOVEit Automation service, and then run the Certs Restore task.
    4. Confirm that the secondary server's configuration is identical to the primary server's configuration.
    5. To test the schedule after you have started the secondary server and completed the configuration, click Start task scheduler on the Commands menu in the Web Admin. Be aware that you are now running your tasks exactly as your primary would run them. They may be copying production data.