The CoreView Hybrid Connector (both 2019 and 2022 Windows server versions) supports configuration for high availability in an Active-Active setup. Both servers remain ready for a management session. However, the CoreView Management session connects to only one hybrid server at a time. Should one server become unreachable, the other server will take over the management connection.
The CoreView Management session sets up a PowerShell runspace to the Domain Controller and Exchange Server through the Hybrid Server. Commands are executed within this runspace. If the Domain Controller becomes unreachable, a timeout will occur, resulting in the management session being disabled.
This article pertains to the High Availability (HA) feature of the Hybrid Connector server. Given that PowerShell runspaces are established with both the Domain Controller and the Exchange Server, it's advisable to consider HA for these components as well.
Alternatively, you may choose to implement High Availability solely for the Hybrid Connector servers, ensuring complete reliability for the CoreView Hybrid Connector component. The decision to adopt this scenario should be based on your specific reliability requirements.
To implement HA, you'll need to load balance the following connections to one of your Domain Controllers:
- Port 443 TCP
- Port 5985 TCP
- Port 5986 TCP
For your Exchange Client Access Servers (CAS), balance these connections:
- Port 80 TCP
- Port 443 TCP
Use DNS to direct these connections to the load balancer. It's critical that the load balancer consistently routes traffic to the same Domain Controller and/or Exchange Server to avoid commands being sent to a server without an open PowerShell runspace.
If a host managed by the load balancer fails unexpectedly, you must close and reopen the CoreView Management session.
Before performing maintenance on the active host, remember to close the CoreView Management session. Then, configure your load balancer to redirect traffic to the standby host.
This guide is written for those transitioning from a single 2016 Hybrid Server to HA 2019/2022 Hybrid servers. If you already have a 2019 or 2022 Hybrid server set up and operational, please proceed from the “Second Hybrid 2019/2022 server” section in this article.
First Hybrid 2019/2022 server
To configure a single Hybrid Connector Server, please follow the instructions provided in this section of the Knowledge Center: Hybrid Connector deployment guide.
After successfully configuring, verifying, and confirming that one 2019 Hybrid Server is operational within CoreView, you can proceed to set up the Second Hybrid server.
Second Hybrid 2019/2022 server
To configure a single Hybrid Connector Server, please follow the instructions provided in this section of the Knowledge Center: Hybrid Connector deployment guide.
After the diagnostic test successfully passes all checks, you're ready to follow the additional steps to enable High Availability (HA).
- In the CoreView Portal, disable the auto-enable feature for the Management session and turn off the current Management session.
- On the First hybrid server, stop and disable the “CoreView Agent” service.
- On the Second hybrid server, install the CoreView Windows Agent and then stop the CoreView Agent Windows service.
- On the First hybrid 2019/2022 server, copy the “data.db” file from C:\Program Files (x86)\CoreViewAgent to the identical location on the Second hybrid 2019 server. Ensure you confirm the file overwrite.
- If there is a “config.json” file in C:\Temp on the First hybrid server, copy it to the same directory on the Second hybrid server. Additionally, inspect the C:\Program Files (x86)\CoreView Agent\Forward365.Service.PowershellService.Agent.exe.config file for any gMSA settings. If present, replicate these settings to the corresponding location on the Second hybrid server.
- If you are utilizing a proxy for the First hybrid agent server, configure the necessary settings as outlined in the Proxy support article.
- On the Second hybrid server, start the “CoreView Agent” service. Then, using a supported browser, enter the agent settings, paste the API key, and wait for the confirmation message.
- In the CoreView portal, re-enable the Management session.
- On the First hybrid server, you can now start and re-enable the service.
Testing
To conduct a test, make sure the management session is first disabled in CoreView. (In a live scenario, the management session would naturally time out and then reconnect to the available Hybrid server.) Proceed by disabling the “CoreView Agent” Windows Service on one Hybrid server, and then activate the management session within the CoreView portal. With the management session enabled, execute a test on an on-premises object. This test should then be replicated for the other Hybrid server.