Using PostgreSQL Flex on Azure

If you're migrating your HS-PAS deployment to PostgreSQL Flex on Azure, you need to do some additional configuration steps, as listed below.

Configuring your Network Firewall

You need to allow the PostgreSQL server to communicate with the HS-PAS internal glob_serv listener/server. Configure the network settings for VNET Integration. If you use a private endpoint, you must add a public IP to that endpoint and restrict traffic to the internal subnet by way of your host firewall.

Adding the Server Hostname to Internal Users

For the internal users rouser and globro2, you must add the server hostname as the suffix. For example, if the server hostname is servername, you specify rouser@servername.

Running the Modification Scripts

When executing modification scripts such as Centrify-Pas-ModifyInstallation.ps1, the script checks the state of the rouser and globro2 users. These usernames should be exactly rouser and globro2 without any suffixes or prefixes.

You need to rename the users to their original names before running the script and then rename them after running the script.

For example, before running a modification script, you could have the following user accounts:

• rouser@servername

• globro2@servername

Before you run the script, you need to rename them to just rouser and globro2. Then, run the script, and afterwards, change the names back to rouser@servername and globro2@servername.

Resetting Passwords After Migration

After you've migrated to PostgreSQL Flex on Azure, role passwords might not have migrated. If this happens, just run the password reset script and then append the hostname suffix to the rouser account.