# High Availability Page ![localadminpasswords](https://1984618955-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FAsBzwJDeLC2ny10RHLdI%2Fuploads%2Fgit-blob-777b39409f48f271de2f52ccc6f33e3248829f95%2Fbadge-enterprise-edition-rocket.svg?alt=media) High availability is an [Enterprise edition feature](https://docs.lithnet.io/ams/v1.0/access-manager-editions) ## High Availability ![](https://1984618955-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FAsBzwJDeLC2ny10RHLdI%2Fuploads%2Fgit-blob-da0a80c2250b6cdc800f6a7f03b779e4c5b77f34%2Fui-page-highavailability.png?alt=media) ### Database configuration By default, Access Manager uses an internal database instance, based on Microsoft SQL LocalDB. For most use cases, this database type is fine. If you have specific requirements around management, performance or availability, you may wish to use an external SQL server to host the Access Manager. You can select to create a database directly using the `Create database` function, or they can generate a database creation script that can be run on the SQL server directly to create the necessary database and permissions for the AMS service account. ### Data protection > Data protection functionality requires at least one domain controller in the domain running Windows Server 2012 R2, and a [KDS root key](https://docs.microsoft.com/en-us/windows-server/security/group-managed-service-accounts/create-the-key-distribution-services-kds-root-key) must have been generated in the domain. #### Cluster-compatible secret encryption In order to run AMS in a high availability configuration, such as a Windows failover cluster, cluster-compatible secret encryption must be enabled. #### Encryption certificate synchronization To ensure that each server in the cluster has access to the necessary decryption certificates you can enable certificate synchronization. This will encrypt the service certificates and store the in the configuration file. Do not use this option if you are using certificates stored on a 3rd party device such as a HSM. Configure the device to ensure that all nodes of the cluster have access to decrypt data using the certificate's private key. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.lithnet.io/ams/v1.0/advanced-help/app_pages/high-availability-page.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.