The update of the Identity Manager components on Linux is supported through a single script. You must run the install.sh script to update these components. The components include Identity Manager Engine, Remote Loader, Fanout Agent, iManager Web Administration, Identity Applications, and Identity Reporting.
NOTE:Before updating the Remote Loader, ensure that the following components are stopped:
Remote Loader instances
Driver instances running with the Remote Loader
Identity Vault
NetIQ provides two options for updating the components to the current version: interactive and silent.
Download and mount the Identity_Manager_4.8.4_Linux.iso file from the download site.
Navigate to the <ISO mounted location> and run the following command:
./install.sh
Specify the component that you want to update.
NOTE:You can update only one component at a time.
To start the Identity Manager components, run the following commands:
Remote Loader: rdxml -config <filename>
Fanout Agent: Perform the following steps:
Navigate to /opt/novell/dirxml/fanoutagent/bin directory.
Run the following command:
./startAgent –config <FanoutAgent Installation Location>/config/fanoutagentconfig.properties
Identity Applications: systemctl start netiq-tomcat.service
Identity Reporting: systemctl start netiq-tomcat.service
(Conditional) If you have applied any customizations on Identity Applications and Identity Reporting components, restore the customizations and restart the Tomcat service.
(Conditional) Clear your browser cache before accessing the updated Identity Applications Dashboard.
Locate the silent.properties file from the extracted directory and modify the file to update the required components.
To update the Identity Vault, set IDVAULT_SKIP_UPDATE=false
To update Identity Manager Engine, set INSTALL_ENGINE=true
To update Remote Loader, set INSTALL_RL=true
To update Fanout Agent, set INSTALL_FOA=true
To update iManager, set INSTALL_IMAN=true
To update Identity Reporting, set INSTALL_REPORTING=true
To update Identity Applications, set INSTALL_UA=true
NOTE:
You must set the value to true for only one component at a time.
While updating any component other than Identity Vault, you must always set the value of IDVAULT_SKIP_UPDATE to true to skip the Identity Vault update.
When you update iManager, the iManager plug-ins, if any, are also upgraded.
Perform the following actions to update the components silently:
Download and mount the Identity_Manager_4.8.4_Linux.iso file from the download site.
Navigate to the <ISO mounted location> directory.
Run the following command:
./install.sh -s -f silent.properties
To start the Identity Manager components, run the following commands:
Remote Loader: rdxml -config <filename>
Fanout Agent: Perform the following steps:
Navigate to /opt/novell/dirxml/fanoutagent/bin directory.
Run the following command:
./startAgent –config <FanoutAgent Installation Location>/config/fanoutagentconfig.properties
Identity Applications: systemctl start netiq-tomcat.service
Identity Reporting: systemctl start netiq-tomcat.service
(Conditional) If you have applied any customizations on Identity Applications and Identity Reporting components, restore the customizations and restart the Tomcat service.
(Conditional) Clear your browser cache before accessing the updated Identity Applications Dashboard.
The following considerations apply before updating PostgreSQL:
NetIQ recommends you to update PostgreSQL to the latest version when you are using PostgreSQL shipped with Identity Manager and when PostgreSQL (shipped with Idenity Manager) is installed on the same server as Identity Applications or Identity Reporting. For information on the supported versions of PostgreSQL, see the Identity Manager 4.8.x System Requirements Guide.
If Identity Vault and PostgreSQL are installed on the same server, update Identity Vault before you update PostgreSQL.
NOTE:In addition to the default capabilities offered by PostgreSQL 12.6, this service pack allows you to configure the PostgreSQL database with SSL (OpenSSL 1.0.2y built with FIPS). This service pack also bundles the PostgreSQL Contrib packages.
Download and mount the Identity_Manager_4.8.4_Linux.iso file from the download site.
Navigate to the <ISO mounted location>/common/scripts directory and run the pg-upgrade.sh script.
NOTE:To specify a different directory than the existing directory, run the SPECIFY_NEW_PG_DATA_DIR=true ./pg-upgrade.sh command.
The upgrade script performs the following actions:
Takes a backup of the existing postgres to a different folder. For example, from /opt/netiq/idm/postgres to /opt/netiq/idm/postgres-<timestamp>-backup.
Updates the existing Postgres directory. For example, /opt/netiq/idm/postgres.
Specify the following details to complete the installation:
Existing Postgres install location: Specify the location where PostgreSQL is installed. For example, /opt/netiq/idm/postgres.
Existing Postgres Data Directory: Specify the location of the existing PostgreSQL data directory. For example, /opt/netiq/idm/postgres/data.
Existing Postgres Database Password: Specify the PostgreSQL password.
Enter New Postgres Data Directory: Specify the location of the new PostgresSQL data directory. This prompt is displayed if you selected to specify a different directory other than the existing directory.
NOTE:
If SSPR auditing output format type is CEF, make sure to uninstall the NetIQ Self Service Password Reset Collector on Sentinel Syslog server before updating SSPR. For more information, see Considerations for Updating SSPR on Linux and Windows.
Use this method if SSPR is:
Installed on a different server than the Identity Applications server.
Installed in a Standard Edition.
Perform the following steps to update SSPR:
Download and mount the Identity_Manager_4.8.4_Linux.iso file.
Navigate to the <ISO mounted location>/sspr directory.
Run the following command:
./install.sh
Specify inputs in the prompt.