OpenText Identity Manager 24.4.1 (v4.10.0.0100) resolves some of the previous issues. This document outlines how you can apply this patch.
For the list of software fixes and enhancements in the previous release, see OpenText™ Identity Manager CE 24.4 (v4.10) Release Notes.
For more information about this release and for the latest release notes, see the Identity Manager Documentation page. To download this product, see the Software Licenses and Downloads portal.
This release includes PostgreSQL 14.16 binaries to address known vulnerabilities. It also contains software fixes for previous issues. For more information, see Resolved Issues.
This release provides the following software fixes:
|
Global ID |
Description |
|---|---|
|
OCTCR56A675056 |
The do-set-sso-credential action in the Credential Provisioning policy displays an error after upgrading to version 24.4 (v4.10). |
|
OCTCR56A685150 |
Identity Manager is unable to send email notifications when policies include the <do-send-email-from-template> action, and if the email notification server does not require authentication credentials. |
To apply this patch, you must at least have the following minimum versions:
OpenText™ eDirectory 24.4 (v9.3) or later
If you wish to install or upgrade to the latest 24.4.1 (v9.3.0.0100) version, see OpenText™ eDirectory CE 24.4.1 (v9.3.0.0100) Release Notes.
OpenText™ Identity Manager 24.4 (v4.10)
OpenText™ Identity Console 1.9
Make sure to configure the email server settings in Identity Console. For more information, see OpenText™ Identity Console CE 24.4 (v1.9) Administration Guide
NOTE:If you do not want to authenticate to the email server, you must perform the following steps:
While configuring the email server settings in OpenText Identity Console, ensure that you uncheck the Authenticate to the server using credentials option.
In Email Based Approval of Identity Manager Dashboard, make sure to disable the Authentication Required option in both incoming and outgoing email server settings.
After saving your changes, restart the Tomcat service (Linux) or the IDM Apps Tomcat Service (Windows) to apply the updates.
Depending on your operating system or deployment platform, follow the instructions below to upgrade Identity Manager Engine to 4.10.0.0100 version:
Log in to the Identity Manager engine server.
Take a backup of the dirxml_misc.jar, jsso-jar, jsso-cmd, jsso-prov.jar files in the following location, depending on your access privilege:
For root users: /opt/novell/eDirectory/lib/dirxml/classes
For non-root users: /home/<user>/opt/novell/eDirectory/lib/dirxml/classes
Run the following command to stop Identity Vault:
ndsmanage stopall
Download and extract the Identity_Manager_4.10.0_P1.zip.
(Conditional) If you are running this patch as a root user, navigate to the <extracted location>/Linux directory and run the following commands:
rpm -Uvh novell-DXMLssop-4.0.1-0100.noarch.rpm
rpm -Uvh novell-DXMLbasenoarch-4.10.0-0100.x86_64.rpm
Skip to Step 7.
(Conditional) If you are running this patch as a non-root user, perform the following steps:
Set the root directory path for Identity Vault.
export ROOTDIR='<root directory path>'
For example,
export ROOTDIR='/home/idvault'
Upgrade both the RPMs using the following command:
rpm --dbpath $ROOTDIR/rpm -Uvh --relocate=/usr=$ROOTDIR/opt/novell/eDirectory --relocate=/etc=$ROOTDIR/etc --relocate=/opt/novell/eDirectory=$ROOTDIR/opt/novell/eDirectory --relocate=/opt/novell/dirxml=$ROOTDIR/opt/novell/dirxml --relocate=/var=$ROOTDIR/var --badreloc --nodeps --replacefiles /<path to the new rpm>
For example,
rpm --dbpath /home/idvault/rpm -Uvh --relocate=/usr=/home/idvault/opt/novell/eDirectory --relocate=/etc=/home/idvault/etc --relocate=/opt/novell/eDirectory=/home/idvault/opt/novell/eDirectory --relocate=/opt/novell/dirxml=/home/idvault/opt/novell/dirxml --relocate=/var=/home/idvault/var --badreloc --nodeps --replacefiles /Linux/novell-DXMLssop-4.0.1-0100.noarch.rpm
rpm --dbpath /home/idvault/rpm -Uvh --relocate=/usr=/home/idvault/opt/novell/eDirectory --relocate=/etc=/home/idvault/etc --relocate=/opt/novell/eDirectory=/home/idvault/opt/novell/eDirectory --relocate=/opt/novell/dirxml=/home/idvault/opt/novell/dirxml --relocate=/var=/home/idvault/var --badreloc --nodeps --replacefiles /Linux/novell-DXMLbasenoarch-4.10.0-0100.x86_64.rpm
Run the following command to start Identity Vault:
ndsmanage startall
Log in to the Identity Manager engine server.
Navigate to the <IDM_install_location>\NDS\lib\ folder and take a backup of the following files:
dirxml_misc.jar
jsso-jar
jsso-cmd
jsso-prov.jar
Stop the Identity Vault instance.
Download and extract the Identity_Manager_4.10.0_P1.zip.
Navigate to the <extracted location>\Windows folder.
Copy the dirxml_misc.jar, jsso-jar, jsso-cmd, jsso-prov.jar files from the extracted location to the <IDM_install_location>\NDS\lib\ folder.
Start the Identity Vault.
This section provides information on updating the OpenText Identity Manager Engine container. These steps can be used to update both single and distributed servers.
NOTE:The Identity Manager patch container includes eDirectory 24.4.1 (v9.3.0.0100) Docker image. To deploy OpenText eDirectory using Docker container, see Deploying OpenText eDirectory Container
Stop the existing docker container by using the docker stop command. For example,
docker stop <container_id>
Remove the docker container by using the docker rm command. For example,
docker rm <container_id>
Delete the Identity Manager Engine docker image by using the docker rmi command. For example,
docker rmi <image_id>
Create a credentials.properties file under the shared directory /data with the following content.
ID_VAULT_ADMIN_LDAP="<ID_VAULT_ADMIN_LDAP>" ID_VAULT_PASSWORD="<ID_VAULT_PASSWORD>"
where, ID_VAULT_ADMIN_LDAP must be in comma format.
For example,
ID_VAULT_ADMIN_LDAP="cn=admin,ou=sa,o=system"
ID_VAULT_PASSWORD="novell"
Navigate to the location where you have extracted the Identity_Manager_4.10.0_P1_Containers.tar.gz file.
Navigate to the docker-images directory.
Run the following command to load the image
docker load --input IDM_4101_identityengine.tar.gz
(Conditional) Update the container using the following command:
If you are deploying the OpenText Identity Manager Engine on distributed server using the overlay network:
docker run --restart unless-stopped -d --ip=192.168.0.12 --network=idmoverlaynetwork --hostname=identityengine.example.com --name=engine-container -v /etc/hosts:/etc/hosts -v /data:/config -p 8028:8028 -p 524:524 -p 389:389 -p 8030:8030 -p 636:636 -e SILENT_INSTALL_FILE=/config/credentials.properties --stop-timeout 100 identityengine:idm-4.10.0.0100-15
If you are deploying the OpenText Identity Manager Engine on a distributed server using the host network, or on a single server:
docker run --restart unless-stopped -d --network=host --name=engine-container -e SILENT_INSTALL_FILE=/config/credentials.properties --stop-timeout 100 identityengine:idm-4.10.0.0100-15
Applies only when you are using PostgreSQL database.
Stop all services using the PostgresSQL database and follow the instructions below to update PostgreSQL to 14.16:
NOTE:The PostgreSQL binaries in this patch cannot be installed on SUSE Linux Enterprise Server 12 SP5 or earlier. It is recommended that you update to SUSE Linux Enterprise Server 15 or above before applying this patch.
Download the Identity_Manager_4.10_Linux.iso from the Software Download and License portal and extract the file to a local directory.
Make a copy of the extracted files to a location with write access.
For example,
mkdir -p /home/410 cp -r <mount-location>/* /home/410/
Remove the older postgres package using the following command:
rm /home/410/common/packages/postgres/netiq-postgresql-<version>.noarch.rpm
Download the Identity_Manager_4.10.0_P1.zip from the Software Download and License portal and extract the file to a local directory.
Replace the rpm inside /home/410/common/packages/postgres with Identity_Manager_4.10.0_P1/Linux/netiq-postgresql-14.16-1.noarch.rpm.
cp Identity_Manager_4.10.0_P1/Linux/netiq-postgresql-14.16-1.noarch.rpm /home/410/common/packages/postgres
Replace the ./pg-upgrade.sh in the /home/410/common/scripts directory with Identity_Manager_4.10.0_P1/Linux/pg-upgrade.sh.
cp Identity_Manager_4.10.0_P1/Linux/pg-upgrade.sh /home/410/common/scripts
Navigate to the /home/410/common/scripts directory and run the following command:
./pg-upgrade.sh
Specify the following details to complete the installation:
Existing Postgres install location: Specify the location where PostgreSQL is installed. The default location is /opt/netiq/idm/postgres.
NOTE:Ensure the user has appropriate permission to the /opt/netiq/idm/postgres directory.
Existing Postgres Data Directory: Specify the location of the PostgreSQL data directory. The default location is /opt/netiq/idm/postgres/data.
Existing Postgres Database Password: Specify the PostgreSQL password.
To update PostgreSQL, follow the steps mentioned in Upgrading the PostgreSQL Database.
NOTE:In step 4b of Upgrading the PostgreSQL Database, you must run TomcatPostgreSQL.exe from the extracted directory of Identity_Manager_4.10.0_P1/Windows/TomcatPostgreSQL.exe.
Download the postgres image from the docker hub repository using the following command:
docker pull postgres:14.16
This step is an alternative to the docker load --input command. It is not mandatory, as you can also specify the image name directly in the docker run command. If the image is not available in your local repository, Docker will automatically attempt to fetch it from the public repository.
(Conditional) To update the PostgreSQL container on distributed servers, see Updating PostgreSQL Container.
(Conditional) To update the PostgreSQL container on single server, see Updating PostgreSQL Container.
We strive to ensure our products provide quality solutions for your enterprise software needs. There are no new issues other than the issues mentioned in the OpenText™ Identity Manager CE 24.4 (v4.10) Release Notes. If you need further assistance with any issue, please contact Technical Support.
For specific product issues, contact OpenText Support at https://www.microfocus.com/support-and-services/.
Additional technical information or advice is available from several sources:
Product documentation, Knowledge Base articles, and videos: https://www.microfocus.com/support-and-services/
The OpenText Community pages: https://www.microfocus.com/communities/
Copyright 2009 - 2025 Open Text.
The only warranties for products and services of Open Text and its affiliates and licensors (“Open Text”) are as may be set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Open Text shall not be liable for technical or editorial errors or omissions contained herein. The information contained herein is subject to change without notice.