Create a Post
Showing results for 
Search instead for 
Did you mean: 

R80.10 - Identity sharing question

Hello Mates,

we are just upgrading a bunch of R77.30 gateways to R80.10.

Now we have detected, that the gateways connect to almost all other gateways for identity sharing.

We just enabled identity sharing on some chosen gateways because we don't want and need sharing between all gateways.

Does anybody facing this behavior as well or does anybody know if there is any way to make the gateways connect to just the pdp/pep server we have connected in the cluster object/identity sharing?


and now to something completely different
0 Kudos
5 Replies

Hi Vincent,

You can select the Gateways between which Identity information is shared. Below are the steps.

You can refer below URL for more information.

0 Kudos


i am familiar in how to configure that.

As i mentioned, identity sharing is disabled on almost all gateways but they are connected nevertheless.


and now to something completely different
0 Kudos

The PDP should show connected to the PEP on all the other gateways in a single domain, regardless of identity sharing being turned on or not. The identity sharing should only be turned on, on the appliance that is collecting the logins so to prevent duplicates which can lead to orphaned objects in the PEP table.

0 Kudos

This sounds conclusive. Thanks a lot.

Viele Grüße / best regards

Vincent Bacher

Vincent Bacher

PS Implementation Engineer (L3)

Dimension Data Germany

Tel: +49 6172 6808 067

Mob: +49 1743230235

Dimension Data Germany AG & Co. KG, Horexstr. 7, 61352 Bad Homburg, Germany

For more information, please go to<>

and now to something completely different
0 Kudos

Hi Vincent, Gaurav,

If the change of behavior of sharing occurred without any change in sharing setup and the definitions then I suggest to open a TAC and request it to be escalated to CFG task. We had recently identified a situation where under some conditions a gateway shares identities to other than selected gateways, but it is not a degradation and same behavior exist in R77.X as well.

Maybe a change of setting done as part to the introduction to R80.10 to the environment had amplified the issue.


Tzvi Katz - Identity awareness R&D group manager.