10.6 Migrating Identity Applications

Do not use case-sensitive collation for your database. Case-sensitive collation is not supported. The case-sensitive collation might cause duplicate key errors during migration. If a duplicate key error is encountered, check the collation and correct it, then re-install the identity applications. The only supported collation is SQL_Latin1_General_CP1_CI_AS.

The migration of Identity Applications involves the following:

10.6.1 Migrating the Database to the New Server

If your User Application database is on PostgreSQL, perform the following steps:

  1. Log in as postgres user to the server where PostgreSQL is installed.

    #su - postgres

  2. Export the data to a .sql file. Ensure that the Postgres user has full access to the directory where you want to export the file:

    pg_dump -p <portnumber> -U <username> -d <dbname> -f <export location>

    For example,

    pg_dump -p 5432 -U postgres -d idmuserappdb -f /tmp/idmuserappdb.sql

  3. Log in to the new server where you want to install PostgreSQL.

  4. Install PostgreSQL.

    1. Navigate to the location where you have mounted the Identity_Manager_4.7_Linux.iso.

    2. Navigate to the /common/packages/postgres/ directory.

    3. Install PostgreSQL using the following command:

      rpm -ivh netiq-postgresql-9.6.6-0.noarch.rpm

    4. Associate the group to postgres user using the following command:

      /usr/sbin/usermod -a -G postgres postgres
    5. Change the postgres user’s home directory path to /opt/netiq/idm/postgres/ in the /etc/passwd file.

      1. Navigate to the /etc/ directory.

      2. Edit the passwd file.

        vi /etc/passwd

      3. Change the home directory of the postgres user to /opt/netiq/idm/postgres/.

    6. Log in as postgres user.

      For example,

      su - postgres

    7. Create a data directory in the PostgreSQL installed location.

      mkdir -p <POSTGRES_HOME>/data, where <POSTGRES_HOME> is /opt/netiq/idm/postgres

      For example,

      mkdir -p /opt/netiq/idm/postgres/data

    8. Export the PostgreSQL home directory.

      export PGHOME=<postgres home directory path>

      For example,

      export PGHOME=/opt/netiq/idm/postgres

    9. Export the PostgreSQL password:

      export PGPASSWORD=<enter the database password>

    10. Initialize the database.

      LANG=en_US.UTF-8 <POSTGRES_HOME>/bin/initdb -D <POSTGRES_HOME>/data

      For example:

      LANG=en_US.UTF-8 /opt/netiq/idm/postgres/bin/initdb -D /opt/netiq/idm/postgres/data

    11. Navigate to the /opt/netiq/idm/postgres/ directory.

    12. Create a database for the following components:

      $ createdb idmuserappdb
      $ psql -s idmuserappdb
      # create user idmadmin password 'somepassword';
      # GRANT ALL PRIVILEGES ON DATABASE idmuserappdb TO idmadmin;
      # ALTER DATABASE idmuserappdb OWNER TO idmadmin;
  5. Import the data to the new PostgreSQL database.

    1. Copy the file exported in step 2 to a location where postgres user has full access.

    2. Execute the following command to import data to the PostgreSQL database.

      psql -d <dbname> -U <username> -f <full path where the exported file is located> -W

      For example,

      psql -d idmuserappdb -U idmadmin -f /tmp/idmuserappdb.sql -W

10.6.2 Installing Identity Applications On the New Server

  1. Download the Identity_Manager_4.7_Linux.iso from the NetIQ Downloads website.

  2. Mount the .iso.

  3. Copy the contents of the iso to a different directory which has write access.

    For example,

    cp -rp /mnt /home

  4. Edit the contents of the configuration file to skip the deployment of User Application and roles and Resources Service driver.

    NOTE:By default, Identity Applications installation creates and deploys the drivers for Role and Resource Service and User Application.

    1. Navigate to the /mnt/user_application directory.

    2. Edit the configure.sh file.

      vi configure.sh

    3. Comment out the following line:

      install_service_drivers "UA" "${ID_VAULT_ADMIN_LDAP}" "${ID_VAULT_PASSWORD}" "${ID_VAULT_HOST}" ${ID_VAULT_LDAPS_PORT} "cn=${ID_VAULT_DRIVER_SET},${ID_VAULT_DEPLOY_CTX}"

    4. Save the configure.sh file.

  5. Install Identity Applications from the /mnt directory.

    ./install.sh

  6. Configure Identity Applications from the /mnt directory.

    ./configure.sh

  7. Select Custom configuration and choose No for the following prompt:

    Do you want to configure PostgreSQL database on current server?

  8. Navigate to the configuration update utility located at /opt/netiq/idm/apps/configupdate directory and ensure that the configuration settings are correct:

    ./configupdate.sh