7.8 Upgrading Identity Reporting

Identity Reporting includes two drivers. Perform the upgrade in the following order:

NOTE:Ensure that your database is upgraded to a supported version.

  1. Upgrade your database to a supported version. For information on upgrading PostgreSQL database, see Preparing the PostgreSQL Database for Upgrade.

  2. Upgrade the driver packages. For more information, see Upgrading the Driver Packages for Identity Reporting.

  3. Upgrade/Migrate to Sentinel Log Management for IGA.

    If you are upgrading from Identity Reporting 4.6.x, upgrade Sentinel Log Management for IGA to 4.7 version. For more information, see Upgrading Sentinel Log Management for IGA.

    If you are migrating from Identity Reporting 4.5.x, migrate from EAS to Sentinel Log Management for IGA. For more information, see Updating the Drivers for Identity Reporting.

  4. Upgrade Identity Reporting. For more information, see Upgrading Identity Reporting.

  5. Configure Data Collection. For more information, see Configuring Settings and Data Collection in the Administrator Guide to NetIQ Identity Reporting.

7.8.1 Prerequisites and Considerations for Upgrade

Before you perform an upgrade, the following considerations apply:

  • During upgrade, ensure that you specify the correct location for the postgresql-9.4.1212.jar file. The default location is /opt/netiq/idm/postgres/. The database connection will fail in the following scenarios:

    • if you provide the incorrect path

    • if you provide the incorrect jar file

    • if the firewall is enabled

    • if the database does not accept connections from remote machines

  • If your database is configured over SSL, remove ssl=true from the server.xml file from PATH located at:

    /opt/netiq/idm/apps/tomcat/conf/

    For example, change

    jdbc:postgresql://<postgres db>:5432/idmuserappdb?ssl=true

    to

    jdbc:postgresql://<postgres db>:5432/idmuserappdb

7.8.2 Upgrading the Driver Packages for Identity Reporting

This section explains how to update the packages for the Managed System Gateway and Data Collection Service drivers to the latest version. You must perform this task before upgrading Identity Reporting.

  1. In Designer, open your current project.

  2. Right-click Package Catalog > Import Package.

  3. Select the appropriate package. For example, Managed System Gateway Base package.

  4. Click OK.

  5. In the Developer View, right-click the driver and then click Properties.

  6. Navigate to the Packages tab in the Properties page.

  7. Click the Add package (+) symbol in the top right corner.

  8. Select the package, and then click OK.

  9. Repeat the same procedure to upgrade the package for the Data Collection Service Driver.

    NOTE:Ensure that the Managed System Gateway Driver and Data Collection Service Driver are connected to the upgraded Identity Manager.

7.8.3 Upgrading Sentinel Log Management for IGA

  1. Download the SentinelLogManagementForIGA8.1.1.0.tar.gz from the NetIQ downloads Website.

  2. Navigate to a directory where you want to extract the file.

  3. Run the following command to extract the file.

    tar -zxvf SentinelLogManagementForIGA8.1.1.0.tar.gz

  4. Navigate to the SentinelLogManagementforIGA directory.

  5. To install SLM for IGA, run the following command:

    ./install.sh

  6. Specify the language that you want to use for installation, then press Enter.

  7. Enter y to accept the license agreement and complete the upgrade.

NOTE:After SLM for IGA is upgraded, manually import the latest collectors.

  1. Navigate to the directory where you have extracted the SentinelLogManagementForIGA8.1.1.0.tar.gz file.

  2. Navigate to the /content/ directory.

  3. Import and configure the collectors. For more information, see Installing and Configuring the Identity Manager Collector in NetIQ Identity Manager - Configuring Auditing in Identity Manager.

7.8.4 Upgrading the Operating System

When you upgrade the operating system from SLES 11 to SLES 12, the upgrade procedure for the operating system deletes some SLM for IGA RPMs.

The following commands ensure SLM for IGA works correctly after you upgrade the operating system.

NOTE:You must upgrade SLM for IGA before you upgrade the operating system.

Use the following steps to upgrade your operating system:

  1. Navigate to the directory where the Sentinel install file was extracted.

  2. Stop the Sentinel services:

    rcsentinel stop

  3. Run the following command:

    ./install.sh --preosupgrade

  4. Upgrade your operating system.

  5. Run the following command:

    ./install.sh --postosupgrade

  6. Restart the Sentinel service:

    rcsentinel restart

7.8.5 Upgrading Identity Reporting

  1. Download the Identity_Manager_4.7_Linux.iso from the NetIQ Downloads website.

  2. Mount the downloaded .iso.

  3. Run the following command:

    ./install.sh

  4. Read through the license agreement.

  5. Enter y to accept the license agreement.

  6. Specify whether you want upgrade the Identity Manager components. The available options are y and n.

  7. Select Identity Reporting to proceed with the upgrade.

  8. Specify the following details:

    OSP Installed: Specify if OSP is installed.

    OSP Install Folder: Specify the backup installation folder for OSP.

    Reporting Installation Folder for backup: Specify the Reporting Installation folder.

    Create schema for Identity Reporting: Specify whether you want to create the schema for your database now or later. The available options are Now, Startup, and File.

    Identity Reporting Database JDBC jar file: Specify the database JAR file for Identity Reporting. The default location of the existing database jar file is /opt/netiq/idm/apps/postgres/postgresql-9.4.1212.jar.

    Identity Reporting Database user: Specify the name of the Reporting database user.

    Identity Reporting Database account password: Specify the Reporting database password.

    IMPORTANT:If you are installing OSP on a new server, you must restore your existing OSP settings on the new server. For more information, see One SSO Provider.

7.8.6 Post-upgrade Steps for Reporting

NOTE:Identity Manager 4.6.1 reports do not work after you perform an upgrade. You can only use Identity Manager 4.7 reports.

During upgrade, if you have selected Database Schema creation as Startup or File, ensure you do the following:

  1. Restart Tomcat.

    systemctl restart netiq-tomcat

  2. Log in to Identity Reporting.

  3. Delete the existing datasource and report definitions from the Identity Reporting repository.

  4. Add the new Identity Manager Data Collection Services datasource.

7.8.7 Verifying the Upgrade for Identity Reporting

  1. Launch Identity Reporting.

  2. Verify that old and new reports are being displayed in the tool.

  3. Look at the Calendar to see whether your scheduled reports appear.

  4. Ensure that the Settings page displays your previous settings for managed and unmanaged applications.

  5. Verify that all other settings look correct.

  6. Verify whether the application lists your completed reports.

NOTE:After upgrading Identity Manager to latest version (single server) if Identity Governance properties/parameters are not present in configupdate.sh.properties and ism-configuration.properies, you need to manually update the files. For more information, see Configuring Identity Manager for Integration in NetIQ Identity Manager - Administrator’s Guide to the Identity Applications.