50.1 Checklist for Upgrading Identity Manager

To perform the upgrade, NetIQ recommends that you complete the steps in the following checklist.

Checklist Items

  1. Review the differences between an upgrade and a migration. For more information, see Section 50.2, Understanding Upgrade and Migration.

  1. Upgrade to Identity Manager 4.5. You cannot upgrade or migrate to version 4.5 from versions before 4.0.2. For more information, see the NetIQ Identity Manager Setup Guide 4.0.2.

  1. Ensure that you have the latest installation kit to upgrade Identity Manager.

  1. Learn about the interaction among Identity Manager components. For more information, see Section I, Introduction.

  1. Ensure that your computers meet the hardware and software prerequisites for a newer version of Identity Manager. For more information, see Section 6.0, Considerations and Prerequisites for Installation and the Release Notes for the version to which you want to upgrade.

  1. Stop and delete the Telemetry job. For more information, see Section 50.4, Deleting the Telemetry Job.

  1. Upgrade Designer to the latest version. For more information, see Section 51.1, Upgrading Designer.

  1. Back up the current project, driver configuration, and databases. For more information, see Section 50.3, Backing Up the Current Configuration.

  1. Install or upgrade iManager to the latest version for Identity Manager. For more information, see one of the following sections:

  1. On the server running Identity Manager, upgrade eDirectory to the latest version and patch.

    Upgrading eDirectory stops ndsd, which in turn stops all drivers. For more information, see the NetIQ eDirectory 8.8 Installation Guide and Identity Manager Release Notes.

  1. Update the iManager plug-ins to match the version of iManager. For more information, see Section 51.2.6, Updating iManager Plug-ins after an Upgrade or Re-installation.

  1. (Conditional) If you are upgrading from a 64-bit Identity Manager, start the drivers and verify that the drivers start.

    This step also verifies that the upgrade to eDirectory was successful. For more information, see Section 13.2.2, Starting the Drivers.

  1. Stop the drivers that are associated with the server where you installed the Identity Manager engine (Metadirectory). For more information, see Section 13.2.1, Stopping the Drivers.

  1. Upgrade the Identity Manager engine. For more information, see Section 51.4, Upgrading the Identity Manager Engine.

    NOTE:If you are migrating the Identity Manager engine to a new server, you can use the same the eDirectory replicas that are on the current Identity Manager server. For more information, see Section 54.4, Migrating the Identity Manager Engine to a New Server.

  1. (Conditional) If any of the drivers in the driver set for the Identity Manager Engine are Remote Loader drivers, upgrade the Remote Loader servers for each driver. For more information, see Section 51.3, Upgrading the Remote Loader.

  1. (Conditional) If you are using packages instead of driver configuration files, upgrade the packages on the existing drivers to get new policies. For more information, see Section 51.7, Upgrading the Identity Manager Drivers.

    This is only required if a newer version of a package is available and there is a new functionality included in the policies for a driver that you want to add to your existing driver.

  1. Update the Event Auditing Service. For more information, see Section 51.5.2, Upgrading the Event Auditing Service.

  1. If you are using Role Mapping Administrator, uninstall it because it is not supported in Identity Manager 4.5. Catalog Administrator is the enhancement and replacement for Role Mapping Administrator. For more information about uninstalling the Role Mapping Administrator, see Section 55.6, Uninstalling Role Mapping Administrator.

  1. Upgrade or install Tomcat and PostgreSQL. For more information, see Section VIII, Installing PostgreSQL and Tomcat for Identity Manager.

  1. Install OSP and SSPR. For more information, see Section IX, Installing the Single Sign-on and Password Management Components.

    NOTE:You do not need to install SSPR if you use the legacy provider for password management. For more information, see Section 4.4.2, Understanding the Legacy Password Management Provider.

  1. Update the User Application, Home and Provisioning Dashboard, and Catalog Administrator. For more information, see Section XV, Migrating Identity Manager Data to a New Installation.

  1. Upgrade Identity Reporting and associated drivers. For more information, see Section 51.5, Upgrading the Identity Reporting.

  1. Start the drivers associated with the Identity Applications and the Identity Manager engine. For more information, see Section 13.2.2, Starting the Drivers.

  1. (Conditional) If you migrated the Identity Manager engine or the identity applications to a new server, add the new server to the driver set. For more information, see Section 51.8, Adding New Servers to the Driver Set.

  1. (Conditional) If you have custom policies and rules, restore your customize settings. For more information, see Section 51.9, Restoring Custom Policies and Rules to the Driver.

  1. Activate your upgraded Identity Manager solution. For more information, see Section 51.5, Upgrading the Identity Reporting.

  1. (Conditional) If you are using NetIQ Sentinel, ensure that you are running the latest service pack. For more information about upgrading Sentinel, see the NetIQ Sentinel Installation and Configuration Guide.