Using IceGrid like an improved DNS

Otherwise I need a method to avoid server activation and to statically define the endpoints of the adapter inside the server during deployment.
I tryed with

<adapter name="Facade" endpoints="ssl -h xxxx -p 10001" replica-group="AS137Facade"/>

but the problem was still the same.

I'm looking at preventing this as a security mechanism, because every server is owned by one autonomous system and has a different certificate, I don't want that one server can register as another server, but only for the server deployed with the id equal to its common name.

Otherwise I don't want the server activation at all and I want to set the server endpoints during the deployment (if possible).

Without server activation I can set the endpoint during the deployment and if it cannot be overwritten by a server activation, it's under control.
How can I disable the need of server activation?
I've tried in this way, I've set in icegrid.config

IceGrid.Registry.Server.Endpoints=ssl -p 12001

Ice.Plugin.IceSSL=IceSSL:createIceSSL
IceSSL.VerifyPeer=1
IceSSL.DefaultDir=certs
IceSSL.CertAuthFile=cacert.pem
IceSSL.CertFile=Registry_cert.pem
IceSSL.KeyFile=Registry_key.pem

IceSSL.TrustOnly.Server.IceGrid.Registry.Server=CN=Registry

and I've deployed this application

<icegrid>

<application name="BGP2P">
<server-template id="AS137">
<parameter name="index"/>
<server id="AS137_${index}" exe="python" activation="manual">
<adapter name="Facade" endpoints="ssl -h tocai.dia.uniroma3.it -p 10001" replica-group="AS137Facade"/>
</server>
</server-template>

<replica-group id="AS137Facade">
<load-balancing type="round-robin"/>
<object identity="sFactory" type="::BGP2P::SessionM::BGP2PSessionFactory"/>
</replica-group>


<node name="localhost">
<server-instance template="AS137" index="1"/>
</node>

</application>

</icegrid>

I've commented:

#Facade.AdapterId=AS137_1.Facade

so the server doesn't try to activate the adapter to the registry
but when I try to locate sFactory@AS137Facade I get NoEndpointException

In fact if I see the status of the adapter AS137_1.Facade, it's Inactive

matthew wrote: »

I fail to see how either static endpoints or manual server activation really help you. Static endpoints are not a very good idea as they are hard to administer. How does disabling on-demand server activation help you? Are you assuming that all servers startup on system startup and never crash? If this is the case its pretty risky and if the environment really is hostile is definitely not a good idea.

The server startup has not to be controlled by me, because they are on computers of other people and can be in different geographical places and if they crash they are responsible to respawn them. I want to use IceGrid only to locate them.

matthew wrote: »

What are id are you trying to locate? You wrote: sFactory@AS137Facade. Do you, however, really mean [email]sFactory@AS137_1.Faca[/email]de?

It's not an error, I meant the AS137Facade, the replica group of the Facade adapter.

matthew wrote: »

If the server is actually active and IceGrid shows otherwise this generally means you used the wrong adapter name when you created the OA.

No, If I uncomment the line
Facade.AdapterId=AS137_1.Facade
on the server
all works well, but I don't want server activation (if possible, how to do that?)

That's because I called this thread "Using IceGrid like an improved DNS", when you start a server you don't have to communicate to the DNS Server that you are started and if you ask it to resolve a name, it returns the ip even if the server is not active.

Thanks for your help,
now I'm going to change the architecture and use a simple DNS Server, for dynamic updates I'll use an Ice adapter that accepts update requests, verifies the certificate and, if allowed, makes a dynamic update to the dns server.