Configure Policy Server to connect to a new primary or standalone Policy Broker

Before you begin

When you configure a Policy Server instance to point to a new primary or standalone Policy Broker instance (for example, after a hardware failure or after changing the mode of an existing Policy Broker), you must edit the config.xml file for that Policy Server to reflect the new Policy Broker connection.

Note that if Policy Server resides on an appliance, Technical Support will need to assist with the process of updating the config.xml file.

To update the config.xml file for a Policy Server instance on a Windows or Linux server:

Steps

  1. Stop the Policy Server instance.
    • Linux: Use the /opt/Websense/WebsenseDaemonControl command to stop Policy Server.
    • Windows: Use the Services tool to stop Policy Server.
  2. Navigate to the bin directory (C:\Program Files or Program Files (x86)\Websense\Web Security\bin or /opt/Websense/bin/) and make a backup copy of config.xml in another location.
  3. Open the original config.xml file in a text editor and navigate to the BrokerService container:
    <container name="BrokerService">
  4. Delete the entire Brokers container within the BrokerService container. The Brokers container looks something like this: 
    <container name="Brokers">
<container name="0">
<data name="Host">10.226.56.62</data>
<data name="Port">55880</data>
<data name="Priority">1</data>
</container>
<container name="1">
<data name="Host">10.226.56.63</data>
<data name="Port">55880</data>
<data name="Priority">2</data>
</container>
</container>
  5. If a primary Policy Broker has been changed to standalone mode, repeat steps 1 through 4 for each Policy Server that should no longer point to that Policy Broker.
  6. Locate the Config container within the BrokerService container and update the Host container with the new Policy Broker IP address: 
    <container name="Config">
<data name="Country">US</data>
<data name="Host">10.226.56.62</data>
  7. Still in the Config container, update the Token field with the new Policy Broker token value that you recorded when you changed the Policy Broker mode.
    The token looks something like this, and must be entered as a single line (no line breaks):
    <data name="Token">0542A478BC2AB7773AE226F8471E4DD12E7AB7 
8DEFF21A3A151621EFBF5A98559211A5746D4263F00797190AFD30A5F 
D507DD5560362F6C5538C780F350C5467E106DC6A1D46FF2670FC1348 
331640AA95D0ADDAD8999D491137C8C9ED831846599BF6C99242D512B 
FABA28938E3CA975197AFED65CD335BC738E1BE933B48F7816C8F51D4 
0AEE8B9C4F401815FAD21BD427175DBD1B06B28465CC20C41AD452DE2 
B7798A71CF17E</data>
  8. Save and close the config.xml file.
  9. After making the change, restart the web module services on the Policy Server machine.
    • Linux: Run the following command from the /opt/Websense/ directory:

      ./WebsenseAdmin restart

    • Windows: Run the following command from the C:\Program Files or Program Files (x86)\Websense\Web Security\ folder:

      WebsenseAdmin restart