8.5 Upgrading Procedure

Before starting the upgrade procedure, ensure that you review the consideration in Planning to Upgrade Identity Governance.

  1. (Optional) Run reports for any review run details you want to make available after the upgrade.

  2. Complete or stop all scheduled items, running reports, and running reviews before starting the upgrade process.

  3. Stop Identity Governance (and Tomcat). For more information, see Stopping, Starting, and Restarting Tomcat.

  4. Back up and export (PostgreSQL only) your full Identity Governance data and confirm that you can restore it with no problems.

    Include the following databases:

    • igara

    • igdcs

    • igops

    • igwf

    • idm_rpt_cfg

    • idm_rpt_data

    For more information, see Backup and Restore in the PostgreSQL Documentation.

  5. (Conditional) If you have an Oracle database, perform the following steps:

    1. Backup the igops schema.

    2. Run the following command to identify invisible columns: 

      select c.table_name, e.extension_name 
    from sys.user_tab_cols c 
      inner join sys.user_stat_extensions e on e.table_name = c.table_name
    where c.virtual_column = 'YES' and e.droppable = 'YES'

Script that should drop extended statistics and so the virtual column 
declare
  v_sql varchar2(255);
  v_owner varchar2(255);
begin
  select SYS_CONTEXT('USERENV', 'SESSION_USER') into v_owner from DUAL;
  for rec in (
    select c.table_name, e.extension_name 
    from sys.user_tab_cols c 
      inner join sys.user_stat_extensions e on e.table_name = c.table_name
    where c.virtual_column = 'YES' and e.droppable = 'YES'
  )
  loop
    --v_sql := 'alter table '||v.table_name||' drop '||v.column_name;
    v_sql := 'exec dbms_stats.drop_extended_stats('''|| v_owner ||''', '''|| rec.table_name ||''', '''|| rec.extension_name ||''')';
    execute immediate v_sql;
  end loop;
end;

    3. Remove the hidden columns. For more information, see Tips and Tricks Invisible Columns in Oracle Database 12c.

  6. Move your generated reports (pdf and csv) from the Reporting home folder to a backup directory.

  7. Use the Data Purge utility to delete unwanted data before upgrading. For more information, see Section 20.0, Grooming the Identity Governance Databases.

  8. Uninstall Identity Governance and Identity Reporting. For more information, see Section 9.0, Uninstalling Identity Governance.

  9. Uninstall OSP and clean up any remaining files and folders. The default installation directory is:

    • Linux: /opt/netiq/idm/apps/osp

    • Windows: C:\netiq\idm\apps\osp

  10. Uninstall Tomcat and clean up any remaining files and folder.

  11. (Conditional) If using PostgreSQL, uninstall PostgreSQL. For more information, see PostgreSQL Installation Procedure in the PostgreSQL documentation. The uninstall information is at the end of the section.

  12. (Conditional) If you are running on Windows, reboot the Windows server.

  13. (Conditional) Upgrade the database server if you are running Microsoft SQL Server or Oracle to the latest supported version by following the database platform instructions.

  14. (Conditional) Add the invisible columns back into the Oracle database. For more information, see Tips and Tricks Invisible Columns in Oracle Database 12c.

  15. (Conditional) Install the most recent version of Postgres. For more information, see Section 3.0, Installing Tomcat, PostgreSQL, and ActiveMQ for Identity Governance

  16. (Conditional) If using PostgreSQL, add the following users:

    • idm_rpt-cfg

    • igara

    • igdcs

    • igops

    • igrptuser

    • igwf

    • ig_rpt_role

  17. (Conditional) If you have exported the PostgreSQL data, import your data to the new database.

  18. Install Tomcat. For more information, see Section 3.0, Installing Tomcat, PostgreSQL, and ActiveMQ for Identity Governance.

  19. Install the current version of OSP. For more information, see Section 4.0, Installing One SSO Provider.

  20. Install the current version of Identity Governance. For more information, see Section 5.0, Installing Identity Governance.

  21. Install the current version of Identity Reporting. For more information, see Section 6.0, Installing Identity Reporting.

  22. After the installation completes, copy the generated pdf and csv report files to the location specified during the installation.

  23. Start Identity Governance (and Tomcat). For more information, see Stopping, Starting, and Restarting Tomcat.

  24. Review changes to existing collectors and adjust mappings as necessary.

  25. Publish the collected data again to populate the business roles and other items. For more information, see Section 18.0, Publishing the Collected Data.

  26. Activate schedules or create new schedules, if needed.

  27. To restore your Administration settings, complete the following steps:

    1. Log in to Identity Governance as a Global Administrator.

    2. Select Administration.

    3. Restore your values in the following Administration sections, as needed:

      • Risk Level Configuration

      • General Settings

      • Identity Manager System Connection Information

    4. Save your changes.

  28. Restore your values for Escalation timeout and Reminder notification in your review definitions.

  29. Run the Configuration utility to restore your values for Workflow Settings > Notification System. For more information, see Running the Identity Governance Configuration Utility.