NetIQ Identity Manager Identity Applications 4.8.6 Patch 2 Release Notes

March 2023

NetIQ Identity Manager Identity Applications 4.8 Service Pack 6 Patch 2 (4.8.6.0200) resolves some of the previous issues. This document outlines how you can apply this patch.

For the list of software fixes and enhancements in the previous release, see NetIQ Identity Manager 4.8 Service Pack 6 Release Notes.

1.0 Software Fixes

This release provides the following software fixes that resolve previous issues in the Identity Applications component:

1.1 Selecting Sub-containers for a New Role is Available on the New Role Page

This release fixes an issue in Identity Manager 4.8.6 that resulted in an empty Subcontainer field on the New Role page. After the upgrade, Dashboard will display the values in the Subcontainer field allowing administrators to select sub-containers when creating a new role. (Bug 612063)

1.2 Resource Form Fields are Working as Expected

This release fixes an issue in Identity Manager 4.8.6 that rendered the form fields on the resource form uneditable. After the upgrade, form fields work as expected. A form field of list data type will allow users to choose from a set of data values. Similarly, users can enter characters into a string data type field.(Bug 613004)

1.3 Legacy Forms Will Retain Their CSS Customization After Upgrade

This release fixes a Dashboard user interface issue, which caused clients to lose the CSS customization on the legacy forms after upgrading to Identity Manager 4.8.6. (Bug 613006)

1.4 Request History Page Displays the Name of the Requester Correctly

This release fixes an issue in Identity Manager 4.8.6 that caused the Requested By field on the Request History page to display the recipient’s name instead of the initiator who requested the permission on behalf of others. (Bug 613033)

1.5 Search Functionality in a Dynamic Query Component Works as Expected

This release fixes a form builder issue in Identity Manager 4.8.6 that caused the form field using the dynamic entity component to render incorrectly if the search query contained period (.). (Bug 624041)

1.6 Legacy Forms Using the setValues(fieldname) Method Works as Expected

This release fixes an issue in legacy forms that caused form fields using the form.setValues("fieldname", data-values, display values, KeepOldValues) method to display the data value in the display values field. It now displays the values for the display values parameter correctly. (Bug 638001)

1.7 Searching Users by Email Address Attribute of a Custom Entity Works as Expected

This release fixes an issue on Dashboard where the search option for the custom entity failed to find users if their full email address was entered. (Bug 638002)

1.8 Ability to Search by CN on Delegation Assignments and Availability Settings Pages

This release adds an ability to a Team Manager role to search team members by their Common Name (CN) on Delegation Assignments and Availability Settings pages. (Bug 641004)

2.0 System Requirements

You must have the following versions at a minimum to apply this patch:

  • eDirectory 9.2.7

  • iManager 3.2.6/Identity Console 1.5

  • Identity Manager 4.8.6 or 4.8.6.0100

3.0 Supported Upgrade Path

To upgrade to Identity Manager 4.8.6.0200, you must be on one of the following versions:

3.1 Upgrading from Identity Manager 4.8.6 Version

Depending on your operating system, follow the steps in the sections below to upgrade Identity Manager from 4.8.6 to 4.8.6.0200:

Updating This Patch on Linux

This patch requires you to update the following components based on your requirement:

Updating the Identity Applications

  1. Stop the Tomcat and NGINX services by executing the following commands:

    systemctl stop netiq-tomcat.service
    systemctl stop netiq-nginx.service

  2. Take a back up of the IDMProv.war, idmdash.war and workflow.war files from the /opt/netiq/idm/apps/tomcat/webapps directory.

  3. Delete the following from the /opt/netiq/idm/apps/tomcat/webapps directory:

    • IDMProv directory

    • idmdash directory

    • workflow directory

  4. Download the Identity_Manager_APPS_4.8.6_P2.zip from the Software Download and License portal and extract the file.

  5. Navigate to the <extracted location>/Linux directory.

  6. Run the following commands:

    rpm -Uvh netiq-userapp-4.8.6.0200-0.noarch.rpm
    rpm -Uvh netiq-workflow-1.6.0.0100-1.noarch.rpm

  7. (Conditional) If you install the rpm as root, navigate to the /opt/netiq/idm/apps/tomcat/webapps/ directory and run the following commands to add execute permission and user rights for the replaced war files:

    • chmod +x IDMProv.war idmdash.war idmappsdoc.war workflow.war
    • chown -R novlua:novlua IDMProv.war idmdash.war idmappsdoc.war workflow.war
    • chown -R novlua:novlua /opt/netiq/idm/apps/tomcat/conf
    • chown -R novlua:novlua /opt/netiq/idm/apps/sites

  8. (Conditional) If SSPR and Identity Applications are installed on the same server, perform the following steps to update SSPR:

    1. Back up the sspr.war file from the <Identity ApplicationsTomcat installed location>/webapps directory.

    2. Delete the sspr directory from the <Identity Applications Tomcat installed location>/webapps directory.

    3. Download and extract the Identity_Manager_SSPR_4.8.6_P1.zip file.

    4. Navigate to the <extracted location>/Linux directory.

    5. Run the following command:

      rpm -Uvh netiq-sspr-4.6.0.1-1.noarch.rpm

    6. (Conditional) If you install the rpm as root, run the following commands to execute permissions and user rights for the replaced war files:

      chmod +x sspr.war
      chown -R novlua:novlua sspr.war

  9. Delete all the files and directories from the /opt/netiq/idm/apps/tomcat/temp and /opt/netiq/idm/apps/tomcat/work/Catalina directories.

  10. Start the NGINX service by executing the following command:

    systemctl start netiq-nginx.service

  11. (Conditional) If you are using the PostgreSQL database shipped with Identity Manager, run the following command to restart PostgreSQL:

    systemctl restart netiq-postgresql.service

  12. Start the Tomcat service:

    systemctl start netiq-tomcat.service
Updating the SSPR

NOTE:Use this method if SSPR is:

  • Installed on a different server than the Identity Applications server.

  • Installed in a Standard Edition.

  1. Stop the Tomcat service:

    systemctl stop netiq-tomcat.service

  2. Download the Identity_Manager_SSPR_4.8.6_P1.zip from the Software Download and License portal and extract the file.

  3. Navigate to the <extracted location>/Linux directory.

  4. Run the following command:

    rpm -Uvh netiq-sspr-4.6.0.1-1.noarch.rpm

  5. (Conditional) If you install the rpm as root, run the following commands to execute permissions and user rights for the replaced war files:

    chmod +x sspr.war
    chown -R novlua:novlua sspr.war

  6. Start the Tomcat service:

    systemctl start netiq-tomcat.service

Updating This Patch on Windows

This patch requires you to update the following components based on your requirement:

Updating the Identity Applications

  1. On your Identity Applications server, press Windows + R on your keyboard, type services.msc and select OK to open the Windows Services interface. From the Windows services, stop the IDM Apps Tomcat Service and NetIQ Nginx Service.

  2. Back up the IDMProv.war, idmdash.war, and workflow.war files from the <Identity Applications Tomcat installed location>\webapps\ folder.

  3. Delete the following from the <Identity Applications Tomcat installed location>\webapps\ folder:

    • IDMProv.war

    • IDMProv folder

    • idmdash.war

    • idmdash folder

    • workflow.war

    • workflow folder

  4. Download the Identity_Manager_APPS_4.8.6_P2.zip from the Software Download and License portal and extract the file.

  5. Copy the IDMProv.war, idmdash.war, and workflow.war files from the extracted location to <Identity Applications Tomcat installed location>\webapps\ folder.

  6. (Conditional) If SSPR and Identity Applications are installed on the same server, perform the following steps:

    1. Back up the sspr.war file from the <Identity Applications Tomcat installed location>\webapps\ folder.

    2. Download and extract the Identity_Manager_SSPR_4.8.6_P1.zip file.

    3. Navigate to the <extracted location>/Windows directory.

    4. Copy the sspr.war file from the extracted location to <Identity Applications Tomcat installed location>\webapps\ folder.

  7. Delete all the files and folders from the <Identity Applications Tomcat installed location>\temp and <Identity Applications Tomcat installed location>\work folders.

  8. (Optional) Navigate to the C:\NetIQ\idm\apps\tomcat\conf\ folder and set com.netiq.idm.rbpm.updateConfig-On-StartUp flag to true in the ism-configuration.properties file.

  9. From the Windows services, start the IDM Apps Tomcat Service and NetIQ Nginx Service on your Identity Applications server.

Updating the SSPR

NOTE:Use this method if SSPR is:

  • Installed on a different server than the Identity Applications server.

  • Installed in a Standard Edition.

  1. From the Windows services, stop the Tomcat Service running on your SSPR server.

  2. Back up the sspr.war file from the <Identity Applications Tomcat installed location>\webapps\ folder.

  3. Download the Identity_Manager_SSPR_4.8.6_P1.zip from the Software Download and License portal and extract the file.

  4. Navigate to the <extracted location>/Windows directory.

  5. Copy the sspr.war file from the extracted location to <Identity Applications Tomcat installed location>\webapps\ folder.

  6. Delete all the files and folders from the <Identity Applications Tomcat installed location>\temp and <Identity Applications Tomcat installed location>\work folders.

  7. From the Windows services, start the IDM Apps Tomcat Service on your Identity Applications server.

Updating Identity Manager Containers

This section provides information on updating the Identity Applications and SSPR containers of Identity Manager. These steps can be used to update both single and distributed servers.

Updating Identity Applications Container

  1. Stop the existing docker container by using the docker stop command.

    For example: docker stop <container_id>

  2. Remove the docker container by using the docker rm command.

    For example: docker rm <container_id>

  3. Delete the Identity Applications docker image by using the docker rmi command.

    For example, docker rmi <image_id>

  4. Navigate to the location where you have extracted the Identity_Manager_4.8.6_P2_Containers.tar.gz file.

  5. Navigate to the docker-images directory.

  6. Run the following command to load the image:

    docker load --input IDM_486_P2_identityapplication.tar.gz

  7. (Conditional) To update the container on distributed servers, use the following command:

    docker run -d --ip=192.168.0.7 --network=idmoverlaynetwork --hostname=identityapps.example.com -p 18543:18543 --name=idappscontainer -v /etc/hosts:/etc/hosts -v /data:/config --stop-timeout 100 identityapplication:idm-4.8.6.0200

  8. (Conditional) To update the container on single server, use the following command:

    docker run -d --network=host --name=idapps-container -v /data:/config --stop-timeout 100 identityapplication:idm-4.8.6.0200
Updating SSPR Container

  1. Stop the existing docker container by using the docker stop command.

    For example: docker stop <container_id>

  2. Remove the docker container by using the docker rm command.

    For example: docker rm <container_id>

  3. Delete the SSPR docker image by using the docker rmi command.

    For example, docker rmi <image_id>

  4. Navigate to the location where you have extracted the Identity_Manager_4.8.6_P2_Containers.tar.gz file.

  5. Navigate to the docker-images directory.

  6. Run the following command to load the image:

    docker load --input IDM_486_P1_sspr.tar.gz

  7. (Conditional) To update the containers on distributed servers, use the following command:

    docker run -d --ip=192.168.0.11 --network=idmoverlaynetwork --hostname=sspr.example.com --name=sspr-container -v /etc/hosts:/etc/hosts -v /data/sspr:/config -p 8443:8443 --stop-timeout 100 sspr/sspr-webapp:4.6.0.1

  8. (Conditional) To update the containers on single server, use the following command:

    docker run -d --network=host --name=sspr-container -v /data/sspr:/config --stop-timeout 100 sspr/sspr-webapp:4.6.0.1

3.2 Upgrading from Identity Manager 4.8.6.0100 Version

Depending on your operating system, follow the steps in the sections below to upgrade Identity Manager from 4.8.6.0100 to 4.8.6.0200:

Updating Identity Applications on Linux

  1. Stop the Tomcat and NGINX services by executing the following commands:

    systemctl stop netiq-tomcat.service
    systemctl stop netiq-nginx.service

  2. Take a back up of the IDMProv.war and idmdash.war files from the /opt/netiq/idm/apps/tomcat/webapps directory.

  3. Delete the following from the /opt/netiq/idm/apps/tomcat/webapps directory:

    • IDMProv directory

    • idmdash directory

  4. Download the Identity_Manager_APPS_4.8.6_P2.zip from the Software License and Download portal and extract the file.

  5. Navigate to the <extracted location>/Linux directory.

  6. Run the following commands:

    rpm -Uvh netiq-userapp-4.8.6.0200-0.noarch.rpm

  7. (Conditional) If you install the rpm as root, navigate to the /opt/netiq/idm/apps/tomcat/webapps/ directory and run the following commands to add execute permission and user rights for the replaced war files:

    • chmod +x IDMProv.war idmdash.war
    • chown -R novlua:novlua IDMProv.war idmdash.war
    • chown -R novlua:novlua /opt/netiq/idm/apps/tomcat/conf
    • chown -R novlua:novlua /opt/netiq/idm/apps/sites

  8. Delete all the files and directories from the /opt/netiq/idm/apps/tomcat/temp and /opt/netiq/idm/apps/tomcat/work/Catalina directories.

  9. Start the NGINX service by executing the following command:

    systemctl start netiq-nginx.service

  10. (Conditional) If you are using the PostgreSQL database shipped with Identity Manager, run the following command to restart PostgreSQL:

    systemctl restart netiq-postgresql.service

  11. Start the Tomcat service:

    systemctl start netiq-tomcat.service

Updating Identity Applications on Windows

  1. On your Identity Applications server, press Windows + R on your keyboard, type services.msc and select OK to open the Windows Services interface. From the Windows services, stop the IDM Apps Tomcat Service and NetIQ Nginx Service.

  2. Take a back up of the IDMProv.war and idmdash.war files from the <Identity Applications Tomcat installed location>\webapps\ folder.

  3. Delete the following from the <Identity Applications Tomcat installed location>\webapps\ folder.

    • IDMProv.war

    • IDMProv folder

    • idmdash.war

    • idmdash folder

  4. Download the Identity_Manager_APPS_4.8.6_P2.zip from the Software Download and License portal and extract the file.

  5. Copy the IDMProv.war and idmdash.war files from the <extracted location>\Windows to <Identity Applications Tomcat installed location>\webapps\ folder.

  6. Delete all the files and folders from the <Identity Applications Tomcat installed location>\temp and <Identity Applications Tomcat installed location>\work\Catalina\ folders.

  7. (Optional) Navigate to the C:\NetIQ\idm\apps\tomcat\conf\ folder and set com.netiq.idm.rbpm.updateConfig-On-StartUp flag to true in the ism-configuration.properties file.

  8. From the Windows services, start the NetIQ Nginx Service and IDM Apps Tomcat Service on your Identity Applications server.

Updating Identity Applications Containers

This section provides information on updating the Identity Applications container of Identity Manager. These steps can be used to update both single and distributed servers.

  1. Stop the existing docker container by using the docker stop command.

    For example: docker stop <container_id>

  2. Remove the docker container by using the docker rm command.

    For example: docker rm <container_id>

  3. Delete the Identity Applications docker image by using the docker rmi command.

    For example, docker rmi <image_id>

  4. Navigate to the location where you have extracted the Identity_Manager_4.8.6_P2_Containers.tar.gz file.

  5. Navigate to the docker-images directory.

  6. Run the following command to load the image:

    docker load --input IDM_486_P2_identityapplication.tar.gz

  7. (Conditional) To update the container on distributed servers, use the following command:

    docker run -d --ip=192.168.0.7 --network=idmoverlaynetwork --hostname=identityapps.example.com -p 18543:18543 --name=idappscontainer -v /etc/hosts:/etc/hosts -v /data:/config --stop-timeout 100 identityapplication:idm-4.8.6.0200

  8. (Conditional) To update the container on single server, use the following command:

    docker run -d --network=host --name=idapps-container -v /data:/config --stop-timeout 100 identityapplication:idm-4.8.6.0200

4.0 Known Issue

NetIQ strives to ensure our products provide quality solutions for your enterprise software needs. There are no new issues other than the issues mentioned in the NetIQ Identity Manager 4.8 Service Pack 6 Release Notes. If you need further assistance with any issue, please contact, contact Technical Support.

5.0 Contact Information

Our goal is to provide documentation that meets your needs. If you have suggestions for improvements, please email Documentation-Feedback@netiq.com. We value your input and look forward to hearing from you.

For detailed contact information, see the Support Contact Information website.

For general corporate and product information, see the NetIQ Corporate website.

For interactive conversations with your peers and NetIQ experts, become an active member of our community. The NetIQ online community provides product information, useful links to helpful resources, blogs, and social media channels.

6.0 Legal Notice

For information about legal notices, trademarks, disclaimers, warranties, export and other use restrictions, U.S. Government rights, patent policy, and FIPS compliance, see https://www.netiq.com/company/legal.

Copyright © 2023 NetIQ Corporation, a Micro Focus company. All Rights Reserved.