The Fan-Out driver provides one-way synchronization to a heterogeneous mix of systems including Linux and UNIX systems, and IBM i5/OS* (OS/400* operating system) and z/OS systems. The Fan-Out driver also provides authentication redirection from those systems.
Moving to the Identity Manager 4.8 driver for RACF provides two main advantages:
Bidirectional Synchronization: The driver allows synchronization from the connected system.
Standard Identity Manager Policies That Simplify Customization: The Fan-Out driver makes minimal use of Identity Manager policies.
Consider the following before migrating from the Fan-Out driver:
Heterogeneity: The Fan-Out driver supports operating system environments besides RACF. You can continue to use the Fan-Out driver for those systems while using the Identity Manager 4.8 driver for RACF on your RACF systems.
Authentication Redirection: The Fan-Out driver provides authentication redirection using the password exit. The Identity Manager 4.8 driver for RACF provides bidirectional password synchronization.
NetIQ® recommends that you perform the upgrade in a test environment similar to your production environment before upgrading production systems.
Before beginning the upgrade process, review Section 3.0, Installing the RACF Driver.
To prepare for installing the upgrade:
Verify that you have the required knowledge and skills.
For details, see Required Knowledge and Skills.
Ensure that the prerequisites are met.
For details, see Prerequisites.
Prepare the distribution files for installation.
For details, see Getting the Installation Files.
To migrate, follow these tasks on your target platform system:
Stop the following started tasks:
PLATRCVR
ASCLIENT
Remove ASCLIENT and PLATRCVR from your system startup and shutdown procedures.
Remove the Fan-Out driver’s RACF exit.
Install the driver shim on the connected system.
For details, see Installing the Driver Shim on the Connected System.
To configure the driver:
Install and set up the Identity Manager driver for RACF on the Metadirectory server.
For details, see Creating the Driver in Designer.
Make any required policy modifications.
Create or modify an appropriate policy to use the alternative naming attribute if one was used by the Fan-Out driver. For more information about policy customization, see the Identity Manager 4.8 Documentation Web site.
Start the driver.
Click the upper right corner of the driver icon, then click Start driver.
Migrate the users to make new associations. For details, see Migrating Identities from the Identity Vault to the Connected System and Migrating Identities from the Connected System to the Identity Vault.
Perform the tasks listed in Post-Installation Tasks.
After the new driver is operating properly, you can remove the Fan-Out driver components:
Delete the Platform object from the Fan-Out driver configuration.
On the connected system, uninstall Platform Services.
If this is the last platform being served by the Fan-Out driver, you can uninstall the Fan-Out core driver.
Remove the ASAM directory from the file system.
Remove the ASAM System container object and all of its subordinates from the tree.
Uninstall the Fan-Out driver plug-ins.