I recently blogged about multiple SUP roles in CM 2012 SP1 Beta and promised to come up with a follow-up which would be looking at how it works and what happens when there is a failure. This all sounds very exiting 🙂 so lets get started.

In my previous blog I mentioned that the first SUP in your environment is seen as the sync source (or primary SUP) and that SUP’s installed later will be replica’s. So what happens when there would be a failure of the primary SUP? I turned of my primary SUP and triggered a sync from the console to find out (as expected) that synchronization failed. Software updates however  still works and software updates can be deployed using the replica SUP servers, meaning that redudancy is working. A side note offcourse is that the Endpoint Protection definitions will not be updated, simply because synchronization is not working. Basically everying where synchronization is needed will not be updated. No new patches or EP definitions can be synchronized. Depending on agreements within your organization this can be bad or not.

What are your options? If you cannot affort downtime of any kind and your primary SUP is down, the only thing you can do is to delete the SUP role (in our case the broken one that is the sync source). By doing that you have the possibillity to designate another SUP as sync source and get everything synching again (see image below).

There is no other way then to remove the SUP site system role. In the console you have no option to change the sync source. If you do not want to remove the SUP role, you have to restore the SUP server in its original state and bring it back online. Keep in mind that the functionalities that rely on synchronization will not be updated.

I was thinking about this and decided to send some feedback to Microsoft with the question why changing a sync source cannot be done from the console and part of the reply was this:

“…the only way to change the sync source in this release is to remove the original sync source and designate a new one. There is significant re-synch impact of the new source, and all dependent servers when  making this switch. For performance reasons, we decided not to provide this capability in the SP1 RTM release.”

So maybe in the future this it will be possible to change a sync source from the console, but until then you have to delete the SUP role to accomplish this.

End conclusion of the test is that multiple SUP’s do give you redundancy and do keep your environment updated.