If you have installed multiple Sametime® servers, you can enable the SametimeSecretsGenerator agent in the Secrets database. Enabling the SametimeSecretsGenerator agent is an optional procedure that increases security against outside attacks.
About this task
This topic discusses the second of two procedures associated with setting up the Secrets and Tokens authentication system on a Sametime
The Secrets and Tokens databases exist on every Sametime
If you enable the SametimeSecretsGenerator agent, only one Secrets database should be used for all Sametime servers in the environment. You should replicate the Sametime Secrets database in which you have enabled the SametimeSecretsGenerator agent to all Sametime servers in the environment. Create a replication schedule for the Secrets database in which you have enabled the SametimeSecretsGenerator agent to ensure it replicates at regular intervals. Delete all other copies of the Secrets database from all Sametime servers in the environment. For more information, see Integrating a Sametime server into an existing Sametime community.
Do not replicate the Tokens database to the other Sametime servers. The replicated Secrets database can work with the Tokens database that exists on each Sametime server by default following the server installation.
If you do not enable the SametimeSecretsGenerator agent in any Secrets database on any Sametime server, it is not necessary to replicate the Secrets database. If you do not enable the SametimeSecretsGenerator agent, administration is simpler because no replications or replication schedules are required, but the security level is not as high.
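One way to check a deployment against the rules above, as an added example that is not part of the Sametime documentation. It assumes you have recorded, per server, the replica ID of each Secrets and Tokens database copy and whether the agent is enabled in it; the inventory format, server names, and replica ID values are constructed.

```python
from collections import defaultdict

# Constructed inventory: one row per database copy found on a server.
INVENTORY = [
    {"server": "st1", "db": "secrets", "replica_id": "AAAA1111", "agent_enabled": True},
    {"server": "st2", "db": "secrets", "replica_id": "AAAA1111", "agent_enabled": True},
    {"server": "st3", "db": "secrets", "replica_id": "CCCC3333", "agent_enabled": False},
    {"server": "st1", "db": "tokens", "replica_id": "T0000001"},
    {"server": "st2", "db": "tokens", "replica_id": "T0000001"},
    {"server": "st3", "db": "tokens", "replica_id": "T0000003"},
]

def audit(inventory):
    """Return sorted (rule, subject) findings for an agent-enabled setup."""
    secrets = [r for r in inventory if r["db"] == "secrets"]
    tokens = [r for r in inventory if r["db"] == "tokens"]
    enabled = {r["replica_id"] for r in secrets if r["agent_enabled"]}
    if not enabled:
        return []  # agent off everywhere: no replication is required
    findings = set()
    # Only one Secrets database may have the agent enabled.
    if len(enabled) > 1:
        findings.update(("multiple-agent-secrets", rid) for rid in enabled)
    holders = defaultdict(set)  # replica_id -> servers holding a Secrets copy
    for r in secrets:
        holders[r["replica_id"]].add(r["server"])
        # Any Secrets copy that is not a replica of the agent-enabled
        # database should have been deleted.
        if r["replica_id"] not in enabled:
            findings.add(("extra-secrets-copy", r["server"]))
    # Every server needs a replica of the agent-enabled Secrets database.
    servers = {r["server"] for r in inventory}
    for rid in enabled:
        for s in servers - holders[rid]:
            findings.add(("secrets-replica-missing", s))
    # Tokens databases must stay local: a replica ID shared across
    # servers means the Tokens database was replicated.
    token_holders = defaultdict(set)
    for r in tokens:
        token_holders[r["replica_id"]].add(r["server"])
    for held_by in token_holders.values():
        if len(held_by) > 1:
            findings.update(("tokens-replicated", s) for s in held_by)
    return sorted(findings)

if __name__ == "__main__":
    for rule, subject in audit(INVENTORY):
        print(rule, subject)
```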