test

Sun OpenSSO Enterprise 8.0 Upgrade Guide

ProcedureTo Migrate a Version 2.2 Agent

  1. Login to the server where the version 2.2 agent is installed.

    To migrate the agent, you must have write permission to the version 2.2 agent's web container files and directories.

  2. If necessary, set your JAVA_HOME environment variable to point to an installed JDK version 1.5 or later.

  3. Stop the web container instance for the version 2.2 agent.

  4. Create a directory to download and unzip the version 3.0 agent. For example: /opt/v30agent

  5. Download and unzip the version 3.0 agent that corresponds to the version 2.2 agent you are migrating.

    The version 3.0 agents are available from the Sun Downloads site under View by Category, Identity Management, and then Policy Agents: http://www.sun.com/download/index.jsp

  6. Change to the version 3.0 agent's /bin directory.

    For example, if you downloaded and unzipped the version 3.0 Apache HTTP Server 2.0.x agent in the /opt/v30agent directory:

    cd /opt/v30agent/web_agents/apache_agent/bin

  7. Run the version 3.0 agentadmin program with the --migrate option. For example:

    ./agentadmin --migrate

  8. When the agentadmin program prompts you, enter the path to the version 2.2 agent's deployment directory. For example:

    /opt/v22agent/web_agents/apache_agent

    In this example, /opt/v22agent is the directory where you downloaded and unzipped the version 2.2 agent.

    The agentadmin program migrates the version 2.2 agent.

  9. Copy the Agent_nnn/config/OpenSSOAgentConfiguration.properties file to the /bin directory where ssoadm is installed on the OpenSSO Enterprise server.

    Agent_nnn is the policy agent instance. For example: Agent_001 or Agent_002

  10. In OpenSSOAgentConfiguration.properties, add the un-encrypted version 2.2 agent profile password at the end of the file, as follows:

    userpassword=un-encrypted-v2.2–agent-profile-password

  11. On OpenSSO Enterprise server, create a password file for the OpenSSO Enterprise administrator (amadmin).

    This password file is an ASCII text file with only one line specifying the amadmin password in plain text. For example: /tmp/amadminpw

  12. On OpenSSO Enterprise server, run ssoadm to create a new agent configuration in the OpenSSO Enterprise centralized agent configuration repository. For example:

    cd tools-zip-root/opensso/bin
./ssoadm create-agent -b Migratedv3.0Agent -t WebAgent -u amadmin 
-f /tmp/amadminpw -D ./OpenSSOAgentConfiguration.properties

    In this example:

    • tools-zip-root is the directory where you unzipped the openssoAdminTools.zip file.

    • Migratedv3.0Agent is the version 3.0 agent profile name.

    • WebAgent is the agent type for web agents. For a Java EE agent, the agent type is J2EEAgent.

    • /tmp/amadminpw is the path to the amadmin password file.

    Caution: After you run ssoadm, you might want to delete OpenSSOAgentConfiguration.properties from the /bin directory. This file contains sensitive information, including as the agent profile password, and the original file is maintained on the server where the agent is installed.

  13. Restart the web container instance for the migrated agent.

Next Steps

After you migrate the agent, you can manage the new 3.0 agent configuration using the OpenSSO Enterprise Administration Console or the ssoadm utility.