Overview

This update is applicable for Active Directory drivers running Identity Manager 4.6 or later. The driver version will be changed to 4.1.1.0 after the patch is applied.

Supported Platforms System Requirements Upgrading the Driver

The driver upgrade process involves the following tasks:

Upgrading the Driver Packages
  1. Download the following packages:

  2. Open the project containing the driver.

  3. Right-click the driver for which you want to upgrade an installed package, then click Driver > Properties.

  4. Click Packages.
  5. A check mark indicates a newer version of a package in the Upgrades column.

  6. Click Select Operation for the package that indicates there is an upgrade available.

  7. From the drop-down list, click Upgrade.

  8. Select the version that you want to upgrade to, then click OK.
  9. NOTE: Designer lists all versions available for upgrade.

  10. Click Apply.

  11. (Conditional) Fill in the fields with appropriate information to upgrade the package, then click Next.
  12. Depending on which package you selected to upgrade, you must fill in the required information to upgrade the package.

  13. Read the summary of the packages that will be installed, then click Finish.

  14. Review the upgraded package, then click OK to close the Package Management page.

Updating the Driver Files
  1. Take a back-up of the current driver configuration.

  2. (Conditional) If the driver is running locally, stop the driver instance and the Identity Vault.

  3. (Conditional) If the driver is running with a Remote Loader instance, stop the driver and the Remote Loader instance.

  4. Download and unzip the contents of IDM46_ADDriver_4110.zip file to a temporary location on your server.

  5. Update the driver files:
  6. Navigate to the extracted <addriverfp>\x64\windows folder and perform the following actions:


  7. If the server has password synchronization configured, copy the following files from the extracted <addriverfp>\x64 folder:

    1. PassSyncConfig.cpl to the C:\Windows\System32 folder.

    2. pwFilter.dll to the \Novell\IDM_PassSync\w64 folder.

    3. Restart the server.

  8. Update the Password Sync Filter.
  9. NOTE: You must reboot each Domain Controller for the changes to take effect. Therefore, check your current pwfilter.dll file version before starting the update. If the current version and the version shipped with the driver patch file are same, skip this step.

    1. Verify the current version of your Password Sync Filter (pwfilter.dll).

      1. On all Domain Controllers, browse to the C:\Windows\System32 folder.

      2. Right-click the pwfilter.dll file.

      3. Click Properties.

      4. Click the Details tab and check the version of the file.

    2. Update the Password Sync Filter files.

      1. On each Domain Controller, rename the existing pwfilter.dll file to pwfilter.old.

      2. Navigate to the extracted <addriverfp>\x64 folder and copy the pwfilter.dll file to the \Windows\System32 folder.
      3. Alternatively, run the Control Panel applet and check the filter status. Any old password sync filters should show as outdated and can be updated using that utility. A reboot of the Domain Controller is still needed because pwfilter.dll is loaded by the LSA process and that is only run at the startup of a server.

      4. Reboot each Domain Controller to apply the Password Sync Filter changes.

  10. If you enabled the driver to synchronize Exchange data or if you want to use Active Directory PowerShell, update the Exchange Service files.
  11. NOTE: You must perform this step only if your Active Directory driver version is less than 4.0.0.1.

    Your Exchange Service files must match the Microsoft Exchange version you are using. For example, use:

    To update the Exchange Service files:

    1. Stop the currently running Exchange service and remove it.

    2. Copy the new Exchange Service files from the unzipped <addriverfp>\noarch folder to \Novell\NDS or \Novell\RemoteLoader\64bit folder on your computer.


    3. Install the Identity Manager Exchange service. See the instructions from Identity Manager Active Directory Driver Implementation Guide.

    4. Start the Exchange Service.

    NOTE: Review the following considerations for running IDM_PowerShell_Service on Windows 2008.


  12. If the driver is running locally, start the Identity Vault and the driver instance.

  13. If the driver is running with a Remote Loader instance, start the Remote Loader instance and the driver instance.

Technical Support Information

Issues Fixed in This Release


Issues Fixed in Previous Releases