1.2 Migrating User Application Drivers

Role Service drivers are not migrated. If you have an existing Role Service driver for version 3.6 or 3.6.1, you must create a new one for version 3.7.

1.2.1 About User Application Driver Migration

Migrating the User Application driver ensures that the driver contains the necessary configuration for new features, maintains support for existing configurations (for example, custom entities and provisioning request definitions), adds new driver properties, and updates the following:

  • Directory abstraction layer definitions

  • Provisioning request definitions

  • Roles and resources

  • Several non-visible runtime configuration objects

You can set preferences for migrating the User Application driver (see the section on setting provisioning view preferences in the Identity Manager User Application: Design Guide.

The User Application driver migration utility migrates only the User Application configuration of the User Application driver. It does not migrate the entire driver. Specifically, it doesn't migrate policies. These are handled by the general Designer and the deploy code.

1.2.2 Updating Default Notification Templates

The latest Default Notification Templates do not get automatically deployed to your Identity Vault during migration. These templates are required for all role, resource, and attestation assignments to work. You will need to manually add and deploy these required templates before migrating your User Application driver. Otherwise, your User Application driver migration will end in warnings.

Use the following steps to deploy the notification templates:

  1. Launch Designer 3.5 and create a Project.

  2. In Outline view, right-click on the Project name and select Live>Import. Select Default Notification Collection from eDirectory.

  3. Right-click the Default Notification Collection and select Add All Templates.

    If you have made changes to any of the default notification templates, make sure to uncheck the Overwrite existing templates checkbox so that your changes do not get overwritten.

  4. Click OK.

  5. Right-click the Default Notification Collection again and choose Live>Deploy to deploy all the templates.

1.2.3 Migrating a User Application Driver

  1. Make a backup copy of the provisioning project that contains the User Application driver to migrate:

    1. Right-click the name of the project in Project view, then select Copy Project.

    2. In the Copy Project dialog box, type a new Project Name (or accept the default name), then click OK.

  2. Use one of the following methods to run the Migrate command for the User Application that you want to migrate.

    • In the Provisioning View, right-click the name of the User Application driver and select Migrate.

    • In the Modeler view, right-click the name of the User Application driver and select Application > Migrate.

    • In the Outline view, right-click the name of the User Application driver, and select Migrate.

    This migrates the local definition of the driver found in the Designer workspace. These changes are not made to the Identity Vault until after you deploy the changes.

  3. If the Close All Editors dialog box displays, select Yes.

    If you have unsaved work in an open editor, the Save Resource dialog box displays.

  4. If the Save Resource dialog box is displayed, select Yes to save changes in open editors.

  5. If you are prompted for a driver version to migrate to, select IDM 3.7 (Roles Based Provisioning Module), then click OK.

  6. Designer warns you that schema changes are required in the Identity Vault. Select Yes to continue the migration (if you have already updated the Identity Vault schema in a separate process), or select No to cancel the migration (if you have not already updated the Identity Vault schema).

    NOTE:The Identity Vault schema is updated when you run the RBPM Installation.

When the migration completes, Designer displays a dialog box listing information, warnings, and errors encountered during migration. For example, for all objects added during migration, informational text displays for those objects. You can perform several operations by using this dialog box.

  • The migration does not automatically save a log file describing the content of the dialog box to the project-name/Provisioning/AppConfig folder for the associated User Application. You can manually save it here. The default name of the file is migrationLogdate.log. You can also save the migration log to a file anywhere on disk by clicking the floppy disk icon in the upper right corner of the dialog box.

  • To revert to the original User Application configuration (for example, if errors occurred during the migration) click the Undo Migration button.

    You can undo the migration until you click OK in the dialog box.

  • To deploy the driver, you can select Deploy migrated User Application; or, if you want to deploy the driver later after validating the project using the project checker, follow the steps in Deploying the Migrated Driver to complete the process.

NOTE:When you migrate a driver, ensure that all other drivers in the same driver set are also migrated to the same version.

1.2.4 Deploying the Migrated Driver

The driver migration is not complete until you deploy the entire driver to the Identity Vault.

  1. Open the project in Designer and run the Project Checker on the migrated objects.

    See “Validating Provisioning Objects” in the Identity Manager User Application: Design Guide. If validation errors exist for the configuration, you are informed of the errors. These errors must be corrected before you can deploy the driver.

  2. Navigate to the Outline view, right-click the driver, and select Deploy, or in the Modeler view, right-click the driver and choose Driver > Deploy.

    After the migration, the project is in a state in which only the entire migrated configuration can be deployed. You cannot import any definitions into the migrated configuration. After the entire migration configuration has been deployed, this restriction is lifted, and you can deploy individual objects and import definitions.

  3. Repeat this process for each User Application driver in the driver set.