How to Move the Identity Connect Service to a New Server
|Knowledge Article Number||000214428|
|Description||It is sometimes necessary to move an existing Identity Connect configuration from one server to another, for example when the current server has performance issues such as high network latency. The recommended approach in this case is to replicate the configuration on a new server and discontinue the old instance. The steps are below.|
|Resolution||1) Install Identity Connect on the new Server
2) Create a separate connected app in Salesforce for the 2nd Identity Connect. Complete the Data Source and Salesforce Org configuration.
3) For SSO, Salesforce supports multiple IdPs, so the 2nd Identity Connect won't conflict for SSO.
4) Check whether SSO is working, using IdP-initiated SSO with the new <IdentityConnect_url>/connect.
Match all the configurations in the new instance, such as Profile to AD Group Mapping, so that they are the same as in the old instance.
Do not enable live sync or scheduled sync yet.
5) On the migration day, modify the login settings under My Domain to select the 2nd Identity Connect and deselect the 1st Identity Connect. From that point onwards, users going to Salesforce will be redirected to the 2nd Identity Connect for authentication, and the change will be seamless for the user. (Enable live sync or scheduled sync if required for the environment.)