NetIQ eDirectory 9.2 Service Pack 6 Patch 1 Release Notes

April 2022

NetIQ eDirectory 9.2 SP6 P1 (9.2.6.0100) release contains updates to the NICI and OpenSSL components. This document outlines how you can apply this patch.

For a full list of all issues resolved in NetIQ eDirectory 9.x, including all patches and service packs, refer to TID 7016794, “History of Issues Resolved in NetIQ eDirectory 9.x”.

For more information about this release and for the latest release notes, see the eDirectory Documentation Web site. To download this product, see the Software License and Download portal.

1.0 What’s New

This release includes the following enhancements and third-party component updates:

1.1 Support for NICI 3.2.0.0100

This release of eDirectory contains NICI 3.2.0.0100, which adds support for OpenSSL 1.0.2zd. In this version, OpenSSL has fixed a potential security vulnerability. For more information about the issue, refer to this page.

1.2 Updates for Third-Party Components

This version of eDirectory adds support for OpenSSL 1.0.2zd.

2.0 System Requirements

For information about prerequisites, hardware requirements, and supported operating systems, see the NetIQ eDirectory Installation Guide.

3.0 Installing or Upgrading

To upgrade to eDirectory 9.2 SP6 P1, you need to be on eDirectory 9.2 SP6. After installing or upgrading to eDirectory 9.2 SP6, perform the following steps based on your platform:

NOTE:If you have both eDirectory 9.2 SP6 and iManager 3.2 SP6 installed on the same machine, you must stop the eDirectory service and the iManager tomcat service before upgrading.

3.1 Upgrading eDirectory on Linux as Root User

  1. Run the following command to stop the eDirectory instance:

    ndsmanage stopall
  2. Download and extract the eDirectory_9.2.6_P1.zip file.

  3. Navigate to the <extracted location>/Linux directory.

  4. Run the following command:

    rpm -Uvh netiq-openssl-1.0.2zd.x86_64.rpm nici64-3.2.0.0100-0.x86_64.rpm patterns-edirectory-9.2.6.0100.x86_64.rpm
  5. Run the following command to start the eDirectory instance:

    ndsmanage startall

3.2 Upgrading eDirectory on Linux as Non-Root User

  1. Run the following command to stop the eDirectory instance:

    ndsmanage stopall
  2. Download and extract the eDirectory_9.2.6_P1.zip file.

  3. Login as a root user, navigate to the <extracted location>/Linux directory and run the following command to install NICI:

    rpm -Uvh nici64-3.2.0.0100-0.x86_64.rpm
  4. Copy the nonroot.tar.gz file to the location where Identity Vault is installed. For example, /home/ediruser.

  5. Login as a non-root user and extract the nonroot.tar.gz file.

    tar -xvf nonroot.tar.gz
  6. Replace the opt directory in /home/<ediruser>/eDirectory/opt location with the opt directory available in eDirectory_9.2.6_P1/Linux/eDirectory/opt/ location.

  7. Run the following command to start the eDirectory instance:

    ndsmanage startall

3.3 Upgrading eDirectory on Windows

  1. Stop the eDirectory instance.

  2. Download and extract the eDirectory_9.2.6_P1.zip file.

  3. Navigate to the <extracted location>\Windows folder.

  4. Copy all the files to the location where eDirectory is installed. For example, C:\NetIQ\eDirectory.

  5. Run NICI_wx64.msi to upgrade NICI to 3.2.0.0100 version.

    NOTE:You should not run the NICIcfg.msi file.

  6. Start the eDirectory instance.

3.4 Upgrading eDirectory Container Using Docker

NOTE:

  • We are shipping a preview version of Docker Container-based deployment with eDirectory 9.2 SP6 P1 for customers to use and provide feedback. Customers wishing to deploy in production will be supported only with a Professional Services engagement. For more information, see Deploying eDirectory Using Docker Container in the eDirectory Installation Guide.

  • You must log in as a root user only when upgrading the eDirectory container. After the upgrade process is complete, you can login as a non-root user.

Depending on the file formats you want to use for upgrading, you can deploy a container with the latest version of eDirectory Image using one of the two methods indicated below:

  • (Conditional) If you want to upgrade eDirectory using the tarball, refer to the Upgrading eDirectory Using Docker Container section in the eDirectory Installation Guide.

  • (Conditional) If you want to upgrade eDirectory using the zip file, perform the following steps:

    1. Log in to the eDirectory container as a root user:

      docker exec -it -u root <containername> /bin/bash
    2. To stop the eDirectory instance, run the following command as nds user:

      ndsmanage stopall
    3. As a root user, download and extract the eDirectory_9.2.6_P1.zip file.

    4. Navigate to the <extracted location>/Linux directory.

    5. Run the following command as a root user:

      rpm -Uvh netiq-openssl-1.0.2zd.x86_64.rpm nici64-3.2.0.0100-0.x86_64.rpm patterns-edirectory-9.2.6.0100.x86_64.rpm
    6. To start the eDirectory instance, run the following command as nds user:

      ndsmanage startall
    7. Exit from the eDirectory container.

4.0 Additional Documentation

4.1 iManager

For iManager information, refer to the iManager online documentation.

4.2 Novell International Cryptographic Infrastructure (NICI)

The NICI Administration Guide is included in the eDirectory documentation page.

4.3 eDirectory Issues on Open Enterprise Server

For more information on eDirectory issues on Open Enterprise Server (OES), see OES Readme.