10.0 Prerequisites for Upgrading Access Manager

Any option that is configured through the nidpconfig.properties file will be overwritten after upgrade. Therefore, back up the nidpconfig.properties file before upgrading to Access Manager 4.5. After the upgrade, replace the new nidpconfig.properties file with the backed up file.

Identity Server:

Linux: /opt/novell/nids/lib/webapp/WEB-INF/classes/nidpconfig.properties

Windows: C:\Program Files\Novell\Tomcat\webapps\nidp\WEB-INF\classes\nidpconfig.properties

Access Gateway:

Linux: /opt/novell/nesp/lib/webapp/WEB-INF/classes/nidpconfig.properties

Windows: C:\Program Files\Novell\Tomcat\webapps\nesp\WEB-INF\classes\nidpconfig.properties

Back up your current Access Manager configuration using ./ambkup.sh command. For more information, see section Back Up and Restore in the Access Manager 4.5 Administration Guide.

Some of the options are supported only through Administration Console. After the upgrade, configure those options through Administration Console. For the list of options that must be configured through Administration Console, see Configuring Identity Server Global Options, Configuring ESP Global Options, Defining Options for SAML 2.0 in the Access Manager 4.5 Administration Guide.

Access Manager 4.2 and later versions do not support Platform Agent and Novell Audit. If you are upgrading from an older version of Access Manager where you have configured Platform Agent, ensure to remove this configuration before upgrading to the latest version. Otherwise, auditing will fail because the Platform Agent service is not available post upgrade.

The upgrade process overwrites all customized JSP files. If you have customized JSP files for Identity Server or Access Gateway, you must perform manual steps to maintain the customized JSP files. For more information, see Section 10.1, Maintaining Customized JSP Files for Identity Server or Section 10.2, Maintaining Customized JSP Files for Access Gateway.

If you have customized any changes to tomcat.conf or server.xml, back up the files. After the upgrade, restore the files.

If you have installed the unlimited strength java crypto extensions before upgrade, re-install it after the upgrade because a new Java version will be used.

If you are using Kerberos, back up the /opt/novell/nids/lib/webapp/WEB-INF/classes/kerb.properties file. After the upgrade, restore the files.

Similarly, if you are using any customized files, ensure to back it up and copy the customized content from the backed up file to the upgraded file after the upgrade is successful.

If you have made any customization in the /opt/novell/nam/idp/webapps/nidp/META-INF/context.xml file, back up the file.

After the upgrade, add the customized content to the upgraded context.xml file and uncomment the following lines in the context.xml file:

<!-- Force use the old Cookie processor (because this new tomcat version uses RFC6265 Cookie Specification) -->

<!-- <CookieProcessor className="org.apache.tomcat.util.http.LegacyCookieProcessor" /> --> </Context>

(Linux) Ensure to perform the following procedure for both SLES and Red Hat:

If you have enabled history for risk-based authentication in a prior version of Access Manager, you must upgrade the database for risk-based authentication after upgrading to 4.5. You can find the upgrade script here: /opt/novell/nids/lib/webapp/WEB-INF/RiskDBScript.zip.

MySQL: Run netiq_risk_mysql_upgrade.sql

Oracle: Run netiq_risk_oracle_upgrade.sql

Microsoft SQL Server: Run netiq_risk_sql_server_upgrade.sql