3.1 Upgrading on Linux

When using the Linux platform, only the 3.1 SP4 Access Gateway Service can be upgraded to 3.2. Other Linux hosted 3.1 SP4 components such as the Administration Console, Identity Server, SSL VPN, and Access Gateway Appliance (also known as Linux Access Gateway) must be migrated. For more information on migrating those components, see Section 2.2, Migrating Access Manager on SLES.

3.1.1 Upgrading the 3.1 SP4 Access Gateway Service

Prerequisites for Access Gateway Service

  • Manually back up the /var/opt/novell/tomcat5/conf/tomcat5.conf and /var/opt/novell/tomcat5/conf/server.xml files.

    The ag_upgrade.sh script takes care of backing up the remaining customized files automatically. These files get automatically backed up at the /root/novell_access_manager.tar.gz folder and includes apache configuration and error pages.

Process of Upgrading the 3.1 SP4 Access Gateway Service

Before you proceed with the steps for upgrading ensure you have followed the instructions in the Prerequisites for Access Gateway Service section.

  1. Download the AM_32_AccessGatewayService_Linux_64.tar.gz file from the NetIQ download site and extract it using the following command:

    tar -xzvf <AM_32_AccessGatewayService_Linux_64.tar.gz>

  2. Run the ag_upgrade.sh script from the folder to start the upgrade.

    The ag_upgrade.sh script upgrades the 3.1 SP4 Access Gateway Service to version 3.2.

  3. Specify the following information:

    User ID: Specify the name of the administration user for the Administration Console.

    Password and Re-enter Password: Specify and re-enter the password for the administration user account.

    The Access Gateway Service is upgraded. The following message is displayed when upgrade is complete:

    Starting Access Manager services...
    Backup of customized files are available at /root/novell_access_manager.tar.gz. Restore them if required. 
  4. View the log files. The install logs are located in the /tmp/novell_access_manager/ directory.

  5. Restore any customized files from the backup taken earlier as part of steps in Prerequisites for Access Gateway Service.

    To restore the files, copy the content of the following files to the corresponding file in the new location.

    Old File Locations

    New File Location

    /root/novell_access_manager/apache2/(contains apache var files)


    /root/novell_access_manager/nesp/ (contains modified error pages)



    If you have modified any elements or attributes in the 3.1 SP4 environment the corresponding changes will need to be applied to the 3.2 server.xml file. Typical changes done to the server.xml in 3.1 SP4 include modifying the 'Address=' to restrict the IP address the application will listen on, or 'maxThreads=' attributes to modify the number of threads.

    In the following example, 3.1 SP4 has customized maxThreads value.

    <<Connector port="9009" enableLookups="false" redirectPort="8443" protocol="AJP/1.3" address="" minSpareThreads="25" maxThreads="700" backlog="0" connectionTimeout="20000, ... ../>

    Make a note of the customizations and copy paste the changed values in the 3.2 server.xml file


    Copy any elements or attributes that you have customized in the tomcat5.conf file to the tomcat7.conf file.For example, if you have included the environment variable to increase the heap size by using -Xmx/Xms/Xss attributes in the tomcat5.conf file, copy this variable to the 3.2 /opt/novell/nam/idp/conf/tomcat7.conf file.

  6. Modify the required properties in /opt/novell/nam/mag/webapps/agm/WEB-INF/agm.properties using back up file /root/novell_access_manager/agm/agm.properties. If you have customized the agm.properties file from the backup taken in 3.1 SP4, ensure that you apply the same to the new 3.2 /opt/novell/nam/mag/webapps/agm/WEB-INF/agm.properties file. An example below shows the how to enable the backend webserver's webpage caching and the cache location.



  7. Change the ownerships of the following files (with read access to tomcat user) using the following commands:

    chown -R novlwww:novlwww /var/opt/novell/tomcat7/webapps/nesp/jsp/

    chown -R novlwww:novlwww /opt/novell/nam/mag/webapps/agm/WEB-INF/agm.properties

  8. On the newly added Access Gateway Service, restart Tomcat using the /etc/init.d/novell-mag restart or rcnovell-mag restart command.