Before starting the upgrade procedure, ensure that you review the consideration in Planning to Upgrade Identity Governance.
(Optional) Run reports for any review run details you want to make available after the upgrade.
Complete or stop all scheduled items, running reports, and running reviews before starting the upgrade process.
Stop Identity Governance (and Tomcat). For more information, see Stopping, Starting, and Restarting Tomcat.
Back up and export (PostgreSQL only) your full Identity Governance data and confirm that you can restore it with no problems.
Include the following databases:
igara
igdcs
igops
igwf
idm_rpt_cfg
idm_rpt_data
For more information, see Backup and Restore
in the PostgreSQL Documentation.
(Conditional) If you have an Oracle database, perform the following steps:
Backup the igops schema.
Run the following command to identify invisible columns:
select c.table_name, e.extension_name
from sys.user_tab_cols c
inner join sys.user_stat_extensions e on e.table_name = c.table_name
where c.virtual_column = 'YES' and e.droppable = 'YES'
Script that should drop extended statistics and so the virtual column
declare
v_sql varchar2(255);
v_owner varchar2(255);
begin
select SYS_CONTEXT('USERENV', 'SESSION_USER') into v_owner from DUAL;
for rec in (
select c.table_name, e.extension_name
from sys.user_tab_cols c
inner join sys.user_stat_extensions e on e.table_name = c.table_name
where c.virtual_column = 'YES' and e.droppable = 'YES'
)
loop
--v_sql := 'alter table '||v.table_name||' drop '||v.column_name;
v_sql := 'exec dbms_stats.drop_extended_stats('''|| v_owner ||''', '''|| rec.table_name ||''', '''|| rec.extension_name ||''')';
execute immediate v_sql;
end loop;
end;
Remove the hidden columns. For more information, see Tips and Tricks Invisible Columns in Oracle Database 12c
.
Move your generated reports (pdf and csv) from the Reporting home folder to a backup directory.
Use the Data Purge utility to delete unwanted data before upgrading. For more information, see Section 20.0, Grooming the Identity Governance Databases.
Uninstall Identity Governance and Identity Reporting. For more information, see Section 9.0, Uninstalling Identity Governance.
Uninstall OSP and clean up any remaining files and folders. The default installation directory is:
Linux: /opt/netiq/idm/apps/osp
Windows: C:\netiq\idm\apps\osp
Uninstall Tomcat and clean up any remaining files and folder.
(Conditional) If using PostgreSQL, uninstall PostgreSQL. For more information, see PostgreSQL Installation Procedure in the PostgreSQL documentation. The uninstall information is at the end of the section.
(Conditional) If you are running on Windows, reboot the Windows server.
(Conditional) Upgrade the database server if you are running Microsoft SQL Server or Oracle to the latest supported version by following the database platform instructions.
(Conditional) Add the invisible columns back into the Oracle database. For more information, see Tips and Tricks Invisible Columns in Oracle Database 12c
.
(Conditional) Install the most recent version of Postgres. For more information, see Section 3.0, Installing Tomcat, PostgreSQL, and ActiveMQ for Identity Governance
(Conditional) If using PostgreSQL, add the following users:
idm_rpt-cfg
igara
igdcs
igops
igrptuser
igwf
ig_rpt_role
(Conditional) If you have exported the PostgreSQL data, import your data to the new database.
Install Tomcat. For more information, see Section 3.0, Installing Tomcat, PostgreSQL, and ActiveMQ for Identity Governance.
Install the current version of OSP. For more information, see Section 4.0, Installing One SSO Provider.
Install the current version of Identity Governance. For more information, see Section 5.0, Installing Identity Governance.
Install the current version of Identity Reporting. For more information, see Section 6.0, Installing Identity Reporting.
After the installation completes, copy the generated pdf and csv report files to the location specified during the installation.
Start Identity Governance (and Tomcat). For more information, see Stopping, Starting, and Restarting Tomcat.
Review changes to existing collectors and adjust mappings as necessary.
Publish the collected data again to populate the business roles and other items. For more information, see Section 18.0, Publishing the Collected Data.
Activate schedules or create new schedules, if needed.
To restore your Administration settings, complete the following steps:
Log in to Identity Governance as a Global Administrator.
Select Administration.
Restore your values in the following Administration sections, as needed:
Risk Level Configuration
General Settings
Identity Manager System Connection Information
Save your changes.
Restore your values for Escalation timeout and Reminder notification in your review definitions.
Run the Configuration utility to restore your values for Workflow Settings > Notification System. For more information, see Running the Identity Governance Configuration Utility.