The driver upgrade process involves upgrading the installed driver packages and updating the driver files. The driver patch file contains the software to update the driver files.
Download the latest available packages.
To configure Designer to automatically read the package updates when a new version of a package is available, click Windows > Preferences > NetIQ > Package Manager > Online Updates in Designer. For more information, see NetIQ Designer for Identity Manager Administration Guide.
Upgrade the installed packages.
Open the project containing the driver.
Right-click the driver for which you want to upgrade an installed package, then click Driver > Properties.
Click Packages.
If there is a newer version of a package, there is check mark displayed in the Upgrades column.
Click Select Operation for the package that indicates there is an upgrade available.
From the drop-down list, click Upgrade.
Select the version that you want to upgrade to, then click OK.
NOTE:Designer lists all versions available for upgrade.
Click Apply.
(Conditional) Fill in the fields with appropriate information to upgrade the package, then click Next.
Depending on which package you selected to upgrade, you must fill in the required information to upgrade the package.
Read the summary of the packages that will be installed, then click Finish.
Review the upgraded package, then click OK to close the Package Management page.
For detailed information, see the Upgrading Installed Packages in the NetIQ Designer for Identity Manager Administration Guide.
The driver patch updates the driver files.
This section provides a general procedure for updating the driver files. For instructions about updating the driver to a specific version, search for the driver patch that you want to upgrade to in the Patch Finder Download Page and follow the instructions from the Readme file that accompanies the driver patch release.
Before installing the patch, complete the following steps:
Take a back-up of the current driver configuration.
(Conditional) If the driver is running locally, stop the driver instance and the Identity Vault.
(Conditional) If the driver is running with a Remote Loader instance, stop the driver and the Remote Loader instance.
In a browser, navigate to the NetIQ Patch Finder Download Page.
Under Patches, click Search Patches.
Specify Identity Manager nn Active Directory driver nn in the search box.
Download and unzip the contents of the patch file to a temporary location on your server.
For example, IDM45_ADDriver_4020.zip.
Update the driver files:
Navigate to the <Extracted Driver Patch File Temporary Location>\windows directory and copy the following files to <IdentityManager installation>\Novell\NDS or <IdentityManager installation>\RemoteLoader\Novell\RemoteLoader folder:
addriver.dll
adutil.jar
Navigate to the <Extracted Driver Patch File Temporary Location>\<architecture>nls folder and copy PassSyncConfig.cpl file to <Drive>:\Windows\System32\nls folder.
On a 32-bit operating system, copy the file from the <Extracted Driver Patch File Temporary Location>\x86 folder to C:\Windows\System32 folder.
On a 64-bit operating system, copy the file from the <Extracted Driver Patch File Temporary Location>\x64 folder to C:\Windows\System32 folder.
Update the Password Sync Filter.
NOTE:You must reboot each Domain Controller for the changes to take effect. Therefore, check your current pwfilter.dll file version before starting the update. If the current version and the version shipped with the driver patch file are same, skip this step.
Verify the current version of your Password Sync Filter (pwfilter.dll).
On all Domain Controllers, browse to the <Drive>:\Windows\System32 folder.
Right-click the pwfilter.dll file.
Click Properties.
Click the Details tab and check the version of the file.
Update the Password Sync Filter files.
On each Domain Controller, rename the pwfilter.dll file to pwfilter.old.
Navigate to the <Extracted Driver Patch File Temporary Location>\<architecture> folder and copy the pwfilter.dll to \Windows\System32 folder.
Alternatively, run the Control Panel applet and check the filter status. Any old password sync filters should show as outdated and can be updated using that utility. A reboot of the Domain Controller is still needed because pwfilter.dll is loaded by the LSA process and that is only run at the startup of a server.
(Conditional) Copy the Exchange Service files.
This step is only required if you enabled the driver to synchronize Exchange data or if you want to use Active Directory PowerShell.
Your Exchange Service files must match the Microsoft Exchange version you are using.
|
Exchange Service Version |
Microsoft Exchange Version |
Files to Copy |
|---|---|---|
|
IDM_PowerShell_Service |
Exchange 2019 |
IDMPowerShellManagementServer.dll and IDMPowerShellService.exe |
|
IDM_PowerShell_Service |
Exchange 2016 |
IDMPowerShellManagementServer.dll and IDMPowerShellService.exe |
|
IDM_PowerShell_Service |
Exchange 2013 |
IDMPowerShellManagementServer.dll and IDMPowerShellService.exe |
|
IDM_AD_Exchange2010_Service |
Exchange 2010 |
IDMEx2010ManagementServer.dll and IDMEx2010Service.exe |
Stop the currently running Exchange service.
For example, IDM_AD_Exchange2010_Service.
Remove the Exchange service.
Copy the Exchange service files.
Navigate to the <Extracted Driver Patch File Temporary Location>\<architecture> folder.
(Conditional) If the driver is running with the Remote Loader, copy IDMEx<version>ManagementServer.dll and IDMEx<version>Service.exe files to <drive>\Novell\RemoteLoader folder.
(Conditional) If the driver is running with the Identity Manager engine, copy IDMEx<version>ManagementServer.dll and IDMEx<version>Service.exe files to <Drive>:\Novell\NDS folder.
Install the Identity Manager Exchange service. For more information, see Section C.0, Provisioning Exchange Accounts.
Start the Exchange Service.
Reboot each Domain Controller to apply the Password Sync Filter changes.
(Conditional) If the driver is running locally, start the Identity Vault and the driver instance.
(Conditional) If the driver is running with a Remote Loader instance, start the Remote Loader instance and the driver instance.