Overview

This patch is applicable for Bidirectional eDirectory drivers running Identity Manager 4.7.x and 4.8.x. The driver version will be changed to 4.0.8.1 after the patch is applied.

System Requirements Upgrading the Driver

The driver upgrade process involves the following tasks:

Updating the Driver Files
  1. Take a back-up of the current driver configuration.

  2. Stop the driver instance and the Identity Vault.

  3. Download and unzip the contents of the IDM_Bidirectional_4081.zip file to a temporary location on your computer.

  4. (Conditional) To update the driver files as a root user:

    1. On the server where you want to apply the driver patch, log in as root/administrator.

    2. Navigate to the <extracted IDM_Bidirectional_4081.zip> directory and perform one of the following actions for your platform:


  5. (Conditional) To update the driver files as a non-root user:

    1. Verify that <non-root edirectory="" location="">/rpm directory exists and contains _db.* file.
    2. The _db.* file is created during a non-root installation of the Identity Manager engine. Absence of this file might indicate that Identity Manager is not properly installed. Reinstall Identity Manager to correctly place the file in the directory.

    3. To set the root directory to the location of non-root Identity Vault, enter the following command in the command prompt:
    4. ROOTDIR=<non-root eDirectory location>

      This will set the environmental variables to the directory where Identity Vault is installed as a non-root user.

    5. To install the driver files, enter the following command:
    6. For example, to install the Bidrectional eDirectory driver RPM, use this command:

      rpm --dbpath $ROOTDIR/rpm -Uvh --relocate=/usr=$ROOTDIR/opt/novell/eDirectory --relocate=/etc=$ROOTDIR/etc --relocate=/opt/novell/eDirectory=$ROOTDIR/opt/novell/eDirectory --relocate=/opt/novell/dirxml=$ROOTDIR/opt/novell/dirxml --relocate=/var=$ROOTDIR/var --badreloc --nodeps --replacefiles /home/user/novell-DXMLEdirDrv.rpm

      where /opt/novell/eDirectory is the location where non-root eDirectory is installed and /home/user/ is the home directory of the non-root user.

    NOTE: Do not restart Identity Vault until you complete upgrading the Change-Log module.


Upgrading the Change-Log Module on Linux as a Root User
  1. Download and unzip the contents of the IDM_Changelog_4081.zip file to a temporary location on the server running the Changelog module.

  2. (Conditional) If you are upgrading the Change-Log version from 4.0.1.x to 4.0.8.1, log in as root and run the following command to install the new schema by using ndssch:
  3. For example:

    "ndssch -h xxx.xxxx.xxx.xxx -t TREE_NAME admin.xxxxx /xxxx/IDM_Changelog_4081/schema/clschema.sch"

    or

    "ice -S SCH -f < path.../schema/clschema.sch> -D LDAP -s xxx.xxx.xxx.xxx -d <Admin-DN> -w <password>"

    NOTE: This action is not required if you are upgrading the Change-Log version from 4.0.2 or later.

  4. Stop the eDirectory service (ndsd).

  5. Upgrade the existing RPM.


Upgrading the Change-Log Module on Linux as a Non-root User

If eDirectory is installed as a non-root user, you must install the Change-Log module as a non-root user. The Change-Log files are included in the driver RPM. To install the Change-Log module, install the driver RPM.

  1. Set the root directory to non-root eDirectory location by entering the following command in the command prompt:
  2. ROOTDIR=<non-root eDirectory location>

    This will set the environmental variables to the directory where eDirectory is installed as a non-root user.

    For example, ROOTDIR="/local/home/bshidm/base/bshappl/edir. Note that this location is specified in the example script in Step 2.

    Alternatively, set the root directory by directly editing the script in a text editor before running the script in Step 2.

  3. Install the Change-Log module by running the following script in a command prompt:
  4. #!/bin/sh #set -x #Copyright © 2020 NetIQ Corporation. All Rights Reserved clear echo "" echo " Installing packages... " echo "" if [ "$1" == "" ] ; then exit fi pkgfile=$1 ROOTDIR="/local/home/bshidm/base/bshappl/edir" RPMDB=$ROOTDIR/rpm if [ ! -d "$RPMDB" ] ; then mkdir $RPMDB fi # create rpm database if it doesn't exist if [ ! -f $RPMDB/__db.000 ] then # mkdir -p $RPMDB rpm --dbpath "$RPMDB" --initdb fi RPM_FLAGS="--dbpath $RPMDB -Uvh --relocate=/etc=$ROOTDIR/etc --relocate=/opt=$ROOTDIR/opt --relocate=/opt/novell/eDirectory/lib64=$ROOTDIR/opt/novell/eDirectory/lib64 --relocate=/var=$ROOTDIR/var --badreloc --nodeps --replacefiles --force" rpm $RPM_FLAGS $pkgfile


Upgrading the Change-Log Module on Windows

Perform the following actions to upgrade the Change-Log module on Windows:

  1. Download and unzip the contents of the IDM_Changelog_4081.zip file to a temporary location on the server running the Changelog module.

  2. (Conditional) If you are upgrading the Change-Log version from 4.0.1.x to 4.0.8.1, install the new schema by using the ICE utility. The schema file, clschema.sch, is located in a folder named "schema". This folder is created when the IDM_Changelog_4081.zip file is extracted. To extend the clschema.sch schema file, use the ICE utility. For example:
  3. ice -S SCH -f clschema.sch -D LDAP -s <remote eDirectory server> -d <Admin DN> -w <password>

    NOTE: This action is not required if you are upgrading the Change-Log version from 4.0.2 or later.

  4. Stop the eDirectory service.

  5. Navigate to the \windows-x64 folder in the <extracted IDM_Changelog_4081.zip> directory and copy the following files to your Identity Vault installation folder. For example, \NetIQ\IdentityManager\NDS.

  6. Navigate to the \windows-x64 folder in the <extracted IDM_Changelog_4081.zip> directory and copy the following files to your driver installation folder. For example, \NetIQ\IdentityManager\NDS\lib.
  7. NOTE: When the files are copied, they will replace the existing files. Make sure the location you choose contains the existing files that need to be replaced.

Post-Installation Steps

  1. Start all eDirectory instances (both Identity Vault and Change-Log server).

  2. In iManager, go to Driver Configuration > Engine Control Values > Set option "Include driver filter in Subscriber initialization document" to "true". This option will be set to "false" by default.

  3. Start all drivers running on the Bidirectional eDirectory server.

Technical Support Information

Issues Fixed in This Release

Issues Fixed in Previous Releases 4.0.8
Issues Fixed in Releases 4.0.7

Issue Fixed in Driver 4.0.6.0


Issues Fixed in Driver 4.0.5.1 Release Issues Fixed in Driver 4.0.5.0 Release Issues Fixed in Driver 4.0.3.0 Release