Oracle® Access Manager Upgrade Guide 10g (10.1.4.0.1) Part Number B25354-01 |
|
|
View PDF |
As discussed in Chapter 1, "Upgrade Overview and Planning", planning deliverables include a document where you define and record a detailed plan that identifies how the upgrade process is to be performed within each of your installed environments. The details that you need to include for each component and the environment are described in this chapter, as follows:
As part of your planning deliverables, a filled in worksheet is needed for each installed component. The worksheets in this appendix provide space where you can document details. You may copy worksheets in this appendix and fill them in for each component and customization. You may use earlier installation worksheets as a starting point.
Any details that you can access and print in your earlier installation will save you time and eliminate the possibility of errors. For example, consider printing directory server profiles and DB instance profiles, as well as WebPass, Access Server, and WebGate configuration pages.
Note: Be sure to store worksheets, printed copies, and other recorded details about your installation in a secure location. |
For more information, see "Upgrade Planning and Deliverables".
The checklists in this appendix are provided to help you track the progress of tasks that are completed as you and your team perform the preparation and upgrade activities in your enterprise. You will find information about how to perform each task in chapters within this manual. Most items in the checklists are links to more information.
Table E-1 provides space for you to record general information when planning to upgrade Oracle Access Manager. Other worksheets in this appendix provide space for specific details related to each component.
Table E-1 Details for Your Overall Deployment
Task | Subtask | Overall Deployment Worksheet |
---|---|---|
0 |
0.1 |
Deployment Name: ________________________________________________________________ Deployment Type (circle all that apply): Identity System Only Joint Identity and Access System Intranet Deployment Extranet Deployment Development Test/Demo QA Production Other Master Administrator for this deployment:___________________________________________ Deterministic test script developed by:_______________________________________________ Date of the last validation of system operation:________________________________________ |
0.2 |
Total number of each component in this environment: Identity Servers:____________________________________________________________________ WebPass Instances:_________________________________________________________________ Independently installed SDKs:________________________________________________________ Identity customizations:_____________________________________________________________ If Joint Identity and Access System, enter, total number of: Policy Managers (formerly known as Access Manager component):_______________________ Access Servers:____________________________________________________________________ WebGates:________________________________________________________________________ Custom AccessGates:_______________________________________________________________ Access customizations:_____________________________________________________________ Integration connectors:_____________________________________________________________ __________________________________________________________________________________ |
|
0.3 |
Total number of (and potential downtime windows for): Directory Instances for Identity Servers only:__________________________________________ Potential downtime windows:_______________________________________________________ If Joint Identity and Access System: Directory Instances for Policy Managers only:________________________________________ Potential downtime windows:____________________________________________________ Directory Instances used by both Identity Servers and Policy Managers:_________________ Potential downtime windows:_______________________________________________________ |
|
0.4 |
Applications that depend on this deployment, owners, and potential downtime windows: __________________________________________________________________________________ __________________________________________________________________________________ __________________________________________________________________________________ __________________________________________________________________________________ __________________________________________________________________________________ __________________________________________________________________________________ __________________________________________________________________________________ |
|
0.5 |
Change control procedures:__________________________________________________________ __________________________________________________________________________________ Scheduled maintenance windows:_____________________________________________________ __________________________________________________________________________________ Off hours operation windows:_______________________________________________________ __________________________________________________________________________________ |
|
0.6 |
Potential Identity System Downtime Estimates: Preparing for the Identity Schema and Data Upgrade:___________________________________ Directory Server Backups:____________________________________________________________ File System Backups:_________________________________________________________________ Schema Upgrade:___________________________________________________________________ Data Upgrade:_____________________________________________________________________ Identity Server Component Upgrades:________________________________________________ WebPass Instance Upgrades:_________________________________________________________ Identity System Customization Upgrades:_____________________________________________ Identity System Customization Redeployment:_________________________________________ Identity System Customization After Upgrading:_______________________________________ Identity System Upgrade Validation:__________________________________________________ |
|
0.7 |
Potential Access System Downtime Estimates: Preparing for the Access Schema and Data Upgrade:____________________________________ Directory Server Backups:____________________________________________________________ File System Backups:_________________________________________________________________ Schema Upgrade:___________________________________________________________________ Data Upgrade:______________________________________________________________________ Policy Manager Component Upgrades:________________________________________________ Access Server Component Upgrades:_________________________________________________ WebGate Component Upgrades:_____________________________________________________ Access System Customization Upgrades:______________________________________________ Access System Customization Redeployment:__________________________________________ Access System Customization After Upgrading:_________________________________________ Access System Upgrade Validation:____________________________________________________ |
Table E-2 provides space for the information you need for each directory instance in your existing Oracle Access Manager installation.
Table E-2 Details for Directory Instances
Task | Subtask | Directory Instance Details |
---|---|---|
1 |
1.1 |
Directory server type:_______________________________________________________________ Directory server version:____________________________________________________________ Directory server patch level:_________________________________________________________ |
1.2 |
Directory Server Details Directory server DNS hostname or IP address:__________________________________________ Directory server port #: ______________________________________________________________ Root bind DN for Oracle Access Manager:______________________________________________ Root password______________________________________________________________________ Searchbase__________________________________________________________________________ Configuration base__________________________________________________________________ Directory server security mode Open SSL Disjoint searchbase___________________________________________________________________ |
|
1.3 |
Directory Server/RDBMS Profiles (for more information, see specific worksheets for each) ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ |
|
1.4 |
Master/replica configuration details: ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ |
|
1.5 |
Types of data in the directory server (circle all that apply): User Data Configuration Data Policy Data |
|
1.6 |
Person Object Class__________________________________________________________________ Group Object Class_________________________________________________________________ User full name attribute:_____________________________________________________________ User login ID attribute:_______________________________________________________________ Password attribute:_________________________________________________________________ |
|
1.7 |
User full name attribute: |
|
1.8 |
User login ID attribute: |
|
1.9 |
Password attribute: |
The following worksheet provides space where you can record information about the DIT and object definitions. Table E-3 provides space for the information you need for each directory instance.
Table E-3 DIT and Object Definition Details
Task | Subtask | DIT and Object Definition Details |
---|---|---|
2 |
2.1 |
Directory server DNS hostname or IP address:__________________________________________ Directory server port #: _____________________________________________________________ |
2.2 |
DIT and schema objects used in Oracle Access Manager__________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ |
|
2.3 |
Object definition details for all objects managed through Oracle Access Manager: ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ |
Table E-4 provides space where you can record information about each directory server/RDBMS profile. Consider printing this information from your existing installation.
Table E-4 Details for Directory Server/RDBMS Profiles for Oracle Access Manager
Task | Subtask | Directory Server/RDBMS Profile Details |
---|---|---|
3 |
3.1 |
Directory server DNS hostname or IP address:___________________________________________ Directory server port #: _______________________________________________________________ |
3.2 |
Directory Server Profile Profile Name____________________________________:___________________________________ Namespace (searchbase): _____________________________________________________________ Directory Type:______________________________________________________________________ Dynamic Auxiliary Classes |
|
3.3 |
Operations (circle all that apply) Search Operations: Search Entries Authenticate Users Read Operations: Read Entry Write Operations: Create Entry Modify Entry Delete Entry Change Password |
|
3.4 |
Used by components (record all that apply) All Identity Servers:_____________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ Access Servers_______________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ Policy Managers (formerly Access Managers)____________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ |
|
3.5 |
Write Operations: Create Entry Modify Entry Delete Entry Change Password |
|
3.6 |
Database Instances (for more information, see specific worksheets for each) ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ |
|
3.7 |
Maximum Active Servers:____________________________________________________________ Failover Threshold:__________________________________________________________________ Sleep for seconds:___________________________________________________________________ Max. Session Time (minutes):_________________________________________________________ |
Table E-5 provides space for the information you need for each database instance profile associated with a directory server instance. Consider printing this information from your existing installation.
Table E-5 Details for DB Instance Profiles
Task | Subtask | DB Instance Profile Details |
---|---|---|
4 |
4.1 |
Directory Server Instance Name_______________________________________________________ Machine Name hosting the directory instance___________________________________________ Port Number: ______________________________________________________________________ Root DN:___________________________________________________________________________ Root DN Password:__________________________________________________________________ Time Limit:_________________________________________________________________________ Size Limit:__________________________________________________________________________ Flags: SSL Referral Fast Bind (AD only) Secure Port Number_________________________________________________________________ Initial Connections:__________________________________________________________________ Maximum Connections:______________________________________________________________ |
Table E-6 provides space for the information you need for each Identity Server.
Table E-6 Details for Existing Identity Servers
Task | Subtask | Existing Identity Server Details |
---|---|---|
Prepare for Identity Server Upgrade in Environment: Total Number of Identity Servers in this environment: |
||
5 |
Identity Server Details Installation directory of this Identity Server _____________________________________________ Exact Patch Level____________________________________________________________________ Operating System and Patch Level_____________________________________________________ Installation directory for the associated WebPass_________________________________________ |
|
5.1 |
Default Locale (Administrator Language) Languages Language Packs |
|
5.2 |
Transport security mode between the Identity Server and WebPass: Open Simple Cert |
|
5.3 |
Unique Identity Server ID of this instance:______________________________________________ Host name of the machine where the Identity Server is installed___________________________ Port number for Identity Server/WebPass communication________________________________ |
|
5.4 |
Is this the master Identity Server? (There can be only one installed to update the schema/data) Directory server type___________________ _____________________________________________ For more information for this Directory Instance, see worksheet____ ______________________ |
|
5.5 |
Security mode between directory server and Identity Server: SSL Open |
|
If SSL, path to the Root CA certificate: |
||
Simple mode onlyGlobal Access Protocol pass phrase |
||
Cert Mode OnlyCertificate PEM pass phrase:__________________________________________________________ Path of the certificate request file:______________________________________________________ Path of the certificate file:_____________________________________________________________ Path of the key file:__________________________________________________________________ Path of the chain file:_________________________________________________________________ |
||
5.6 |
(Windows only) Unique Identity Server service name that will differentiate this instance in the Services window if you install several instances of Identity Server): |
|
5.7 |
Auditing configuration ____________________________________________________________________________________ ____________________________________________________________________________________ |
|
5.8 |
Password policy configuration ____________________________________________________________________________________ |
|
5.9 |
Any customizations (Identity Event plug-ins, styles, Portal Inserts and the like)? See worksheets: ____________________________________________________________________________________ ____________________________________________________________________________________ |
|
5.10 |
File-based changes (globalparams.xml, and the like)? ____________________________________________________________________________________ ____________________________________________________________________________________ |
Table E-7 provides space for the information you need for each WebPass, some of which may be printed from the Identity System Console.
Table E-7 Details for existing WebPass Instances
Task | Subtask | Existing WebPass Details |
---|---|---|
6 |
Prepare for WebPass Instances Upgrade in Environment: Total Number of WebPass Instances in this environment: |
|
6.1 |
WebPass Instance Details Installation directory of this WebPass Instance __________________________________________ Exact Patch Level____________________________________________________________________ Operating System and Patch Level_____________________________________________________ WebPass hostname:_________________________________________________________________
|
|
6.2 |
Default Locale (Administrator Language) Languages Language Packs Same Language Packs as the Identity Server |
|
6.3 |
Transport security mode between the Identity Server and WebPass: Open Simple Cert |
|
Simple mode onlyGlobal Access Protocol pass phrase |
||
Cert mode onlyCertificate PEM phrase:_______________________________________________________________ Path of the certificate request file:______________________________________________________ Path of the certificate file:_____________________________________________________________ Path of the key file:__________________________________________________________________ Path of the chain file:_________________________________________________________________ |
||
6.4 |
WebPass ID used by Oracle Access Manager to identify the instance: |
|
6.5 |
DNS hostname of the Identity Server with which this WebPass communicates:_______________ Installation directory for the associated Identity Server___________________________________ Identity Server Port # for communication with WebPass: |
|
6.6 |
Any customizations? ____________________________________________________________________________________ ____________________________________________________________________________________ |
|
6.7 |
File-based changes? ____________________________________________________________________________________ |
Table E-8 provides space for the information you need for each existing Policy Manager (formerly known as the Access Manager component).
Table E-8 Details for Existing Policy Managers
Task | Subtask | Existing Policy Manager Details |
---|---|---|
7 |
Prepare for Policy Manager Upgrade in Environment: Total Number of Policy Managers in this environment: |
|
7.1 |
Policy Manager Instance Details Installation directory of this Policy Manager Instance ____________________________________ Exact Patch Level____________________________________________________________________ Operating System and Patch Level_____________________________________________________ Policy Manager hostname:___________________________________________________________
|
|
7.2 |
Default Locale (Administrator Language) Languages Language Packs |
|
7.3 |
Transport security mode between the Policy Manager and Access Servers: Open Simple Cert |
|
Simple mode onlyGlobal Access Protocol pass phrase: |
||
Cert mode onlyCertificate PEM phrase:_______________________________________________________________ Path of the certificate request file:______________________________________________________ Path of the certificate file:_____________________________________________________________ Path of the key file:__________________________________________________________________ Path of the chain file:_________________________________________________________________ |
||
7.4 |
Is this the master Policy Manager for the schema/data upgrade? Yes No Where is policy data stored? - User data directory server- Configuration data directory server- Separate directory server Directory server type___________________ ____________________________________________ Searchbase where user data is stored:__________________________________________________ Configuration DN:__________________________________________________________________ Policy base:________________________________________________________________________ For more information for this Directory Instance, see worksheet____ _____________________ |
|
If the security mode between the directory server and the Policy Manager is SSL, the path to the SSL certificate is:_________________________________________________________________ |
||
7.5 |
Person object class name: |
|
7.6 |
Policy Manager policy domain root: |
|
7.7 |
Configured authentication schemes? Yes No If Yes, select authentication scheme or schemes: Authentication Schemes - Basic Over LDAP - Client Certificate - Anonymous - Oracle Access and Identity - Oracle Access and Identity for AD Forests - Others ____________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ |
|
7.8 |
Configure Oracle Access Manager-related policy domains? Yes No If Yes, select policy domains: Policy Domains - Identity Domain (a default) - Access Domain (a default) Others _____________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ |
|
7.9 |
Configured policies to protect Oracle Access Manager-related URLs? Yes No Details_____________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________. |
|
7.10 |
Any customizations? ____________________________________________________________________________________ ____________________________________________________________________________________ |
|
7.11 |
File-based changes? ____________________________________________________________________________________ ____________________________________________________________________________________ |
Table E-9 provides a space for information you need to record for each earlier Access Server. Consider printing some of this information from the Access System Console.
Table E-9 Details for Existing Access Servers
Task | Subtask | Access Server Details |
---|---|---|
8 |
Access Server Details Total number of Access Servers |
|
8.1 |
Access Server Instance Details Installation directory of this Access Server Instance ______________________________________ Exact Patch Level____________________________________________________________________ Operating System and Patch Level_____________________________________________________ |
|
8.2 |
Access Server Details in the System Console Access Server name__________________________________________________________________ Access Server host name______________________________________________________________ Port # the Access Server listens to______________________________________________________ Transport security between Access Server and associated WebGate: Open Simple Cert Associated WebGate ID_______________________________________________________________ Access Management flag On Off |
|
8.3 |
Default Locale (Administrator Language) Languages Language Packs |
|
8.4 |
Which directory server stores the configuration data? Same as Policy Manager directory server? Yes No Configuration DN_________________________________________________________________ If no, see worksheet for directory server instance________________________________________ Host machine_______________________________________________________________________ Port number________________________________________________________________________ Root DN____________________________________________________________________________ Root DN password___________________________________________________________________ Directory type_______________________________________________________________________ Security mode between the configuration data directory server and the Access Server: Open SSL |
|
8.5 |
Which directory server stores the policy data?___________________________________________ Policy base__________________________________________________________________________ For more information about the directory server instance, see the worksheet for____________ |
|
8.6 |
Save PEM phrase in a password file? (Simple and Cert modes only): Yes No |
|
Simple mode onlyGlobal Access Protocol pass phrase:____________________________________________________ Password file________________________________________________________________________ |
||
Cert mode onlyCertificate PEM phrase:_______________________________________________________________ Password file_______________________________________________________________________ Path of the certificate request file:______________________________________________________ Path of the certificate file:_____________________________________________________________ Path of the key file:__________________________________________________________________ Path of the chain file:_________________________________________________________________ |
||
8.7 |
Auditing configuration ____________________________________________________________________________________ ____________________________________________________________________________________ |
|
8.8 |
Any customizations (plug-ins, AccessGates, and the like), see the worksheets: ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ |
|
8.9 |
File-based changes? ____________________________________________________________________________________ ____________________________________________________________________________________ |
Table E-10 provides space for information you need for each WebGate/AccessGate. Consider printing some of this information from the Access System Console.
Table E-10 WebGate/AccessGate Details
Task | Subtask | WebGate/AccessGate Details |
---|---|---|
9 |
Prepare for WebGate/AccessGate Upgrade in Environment: Total Number of WebGates in this environment:_________________________________________ Total number of custom AccessGates in this environment:_________________________________ |
|
9.1 |
WebGate/AccessGate Instance and Web Server Details Installation directory of this Instance ___________________________________________________ Exact Patch Level____________________________________________________________________ Operating System and Patch Level_____________________________________________________
|
|
9.2 |
WebGate/AccessGate Details in the Access System Console WebGate ID_________________________________________________________________________ WebGate hostname:__________________________________________________________________ WebGate port:_______________________________________________________________________ WebGate password__________________________________________________________________ Transport security between the Access Server and WebGate: Open Simple Cert Preferred http host___________________________________________________________________ HTTP cookie domain:________________________________________________________________ Cache timeout_______________________________________________________________________ |
|
9.3 |
Associated with Access Server ID______________________________________________________ Access Server DNS hostname__________________________________________________________ Port number on which Access Server listens_____________________________________________ Priority_____________________________________________________________________________ Number of connections_______________________________________________________________ |
|
9.4 |
Default Locale (Administrator Language) Languages Language Packs |
|
9.5 |
Transport security mode between the Access Server and WebGate/AccessGate: Open Simple Cert |
|
Simple mode onlyGlobal Access Protocol pass phrase____________________________________________________ |
||
Cert mode onlyCertificate PEM phrase:_______________________________________________________________ Path of the certificate request file:______________________________________________________ Path of the certificate file:_____________________________________________________________ Path of the key file:__________________________________________________________________ Path of the chain file:_________________________________________________________________ |
||
9.6 |
Virtual IP and DNS aliases used to reference the WebPass or Web server farm protected with WebGate____________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ |
|
9.7 |
Any customizations? ____________________________________________________________________________________ ____________________________________________________________________________________ |
|
9.9 |
File-based changes? ____________________________________________________________________________________ ____________________________________________________________________________________ |
Table E-11 provides the information you need for Oracle Access Manager integration connectors for third-party products as well as independently installed software developer kits (SDKs).
Table E-11 Details for Integration Connectors and Independently Installed SDKs
Task | Subtask | Integration Connectors and Independently Installed SDK Details |
---|---|---|
10 |
Prepare for Upgrade in Environment: Total Number of Integration Connectors in this environment:_____________________________ Types of Integration Connectors in this environment:____________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ Total number of independently installed SDKs in this environment:________________________ |
|
10.1 |
Integration Connector/SDK Instance and Web/App/Portal Server Details Installation directory of this Connector/SDK ____________________________________________ Exact Patch Level____________________________________________________________________ Operating System and Patch Level_____________________________________________________
|
|
10.2 |
Default Locale (Administrator Language) Languages Language Packs |
Table E-12 provides the information you need for each customization.
Table E-12 Details for Existing Customizations
Task | Subtask | Details of Existing Customizations |
---|---|---|
11 |
11.1 |
Installation directory of the Customization _____________________________________________ Operating System and Patch Level_____________________________________________________ Other Oracle Access Manager components on this machine? Yes No Identity Server WebPass Policy Manager Access Server WebGate |
11.2 |
Workflows ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ |
|
11.3 |
Access Control Lists (ACLs) ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ |
|
11.4 |
Custom Identity Event plug-ins:_______________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ |
|
11.5 |
PresentationXML customizations ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ |
|
11.6 |
Styles and XSL stylesheet customizations: ______________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ |
|
11.7 |
IdentityXML clients and applications: __________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ |
|
11.8 |
Portal Inserts: ______________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ |
|
11.9 |
Customized Authentication plug-ins: __________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ |
|
11.10 |
____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ Customized Authorization plug-ins: __________________________________________________ |
|
11.11 |
____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ Access Manager API clients: __________________________________________________________ |
The checklist in Table E-13 may help you track the progress of preparing for the schema and data upgrade. The checklist includes links to information in this manual. Most tasks are described in Chapter 5, "Preparing for Schema and Data Upgrades". However, general procedures to prepare host machines are described in Chapter 8, "Preparing Components for the Upgrade".
Table E-13 Checklist for Schema and Data Preparation
The checklist in Table E-14 is provided to help you track the progress of upgrading the schema and data. Identity System details are described in Chapter 6, "Upgrading Identity System Schema and Data". If you have a joint Identity and Access System deployment, procedures for the Access System are described in Chapter 7, "Upgrading Access System Schema and Data".
Table E-14 Checklist for Schema and Data Upgrade
Done | Checklist for the Schema and Data Upgrade | Details |
---|---|---|
Deployment Name:_________________________________________________________________ Task owner:________________________________________________________________________ |
||
Prerequisites, all preparation tasks in Checklist for Schema and Data Preparation |
||
Upgrading Identity System Schema and Data |
||
Joint Identity and Access System Deployments Only After performing all Identity System schema and data upgrade tasks described in this table and in Chapter 6, perform remaining tasks in this table as described in Chapter 7, "Upgrading Access System Schema and Data". |
The checklist in Table E-15 may help you track the progress of activities that you and your team perform when preparing for the component upgrade. Procedures are described in Chapter 8, "Preparing Components for the Upgrade". Most procedures apply equally to Identity System-only deployments and to joint Identity and Access System deployments.
Table E-15 Checklist for Component Preparation
Done | Checklist for Component Preparation | Details |
---|---|---|
Deployment Name:_________________________________________________________________ Task owner:________________________________________________________________________ |
||
Checking Compatibility with Previous Releases |
||
Copying Custom Identity Event Plug-ins |
||
Preparing Earlier Customizations |
||
Preparing the Default Logout in the Policy Manager |
||
Changing Read Permissions on Password Files |
||
Preparing Release 6.x Environments |
||
Preparing Multi-Language Installations |
||
Backing Up Directories, Web Server Configurations, and Registry Details |
||
|
||
Logging in with Appropriate Administrative Rights |
The checklist in Table E-16 may help you track the progress of your component upgrades. Identity System procedures are described in Chapter 9, "Upgrading Remaining Identity System Components". Access System procedures are described in Chapter 10, "Upgrading Access System Components".
Table E-16 Checklist for Component Upgrades
Done | Checklist for Component Upgrades | Details |
---|---|---|
Deployment Name:_________________________________________________________________ Task owner:________________________________________________________________________ |
||
Prerequisites, all tasks in Checklist for Component Preparation |
||
Upgrading Remaining Identity Servers ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ |
||
Upgrading Remaining WebPass Instances ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ |
||
Validating the Identity System Upgrade |
||
Backing Up Upgraded Identity Component Information |
||
Joint Identity and Access System Deployments Only Include After performing all Identity System upgrade tasks described in this table and in Chapter 9, perform remaining tasks in this table as described in Chapter 10, "Upgrading Access System Components". |
||
Upgrading Remaining Policy Managers ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ |
||
____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ |
||
____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ |
||
Backing Up Upgraded Access System Component Directories |
The checklist in Table E-17 may help you track the progress your integration connector or independently installed SDK upgrades (or both). The procedures are described in Chapter 11, "Upgrading Integration Components and an Independently Installed SDK".
Note: In an Identity System-only deployment, there will be no integration connectors to upgrade. When you have a joint Identity and Access System deployment, you must upgrade integration connectors before independently installed SDKs for the Access System. |
Table E-17 Checklist for Integration Connector/Independently Installed SDK Upgrades
Done | Checklist for Integration Connector/Independently Installed SDK Upgrades | Details |
---|---|---|
Deployment Name:_________________________________________________________________ Task owner:________________________________________________________________________ |
||
Prerequisites, all tasks in Checklist for Component Upgrades |
||
Identity System-Only Deployments |
||
Upgrading Independently Installed Software Developer Kits |
||
Backing Up Upgraded Integration Connector or SDK Data |
||
Joint Identity and Access System Deployments Only |
||
Upgrading Third-Party Integration Connectors |
||
Upgrading Independently Installed Software Developer Kits |
||
Backing Up Upgraded Integration Connector or SDK Data |
The checklist in Table E-18 may help you track the progress of customization upgrades in your environment. Specific Identity System procedures are described in Chapter 12, "Upgrading Your Identity System Customizations". Access System procedures are described in Chapter 13, "Upgrading Your Access System Customizations".
Table E-18 Checklist for Customization Upgrades
Done | Checklist for Customization Upgrades | Details |
---|---|---|
Deployment Name:_________________________________________________________________ Task owner:________________________________________________________________________ |
||
Prerequisites, all tasks in: |
||
Identity System-Only Deployments |
||
Upgrading Auditing and Access Reporting for the Identity System |
||
Combining Challenge and Response Attributes on a Panel |
||
Confirming Identity System Failover and Load Balancing |
||
Migrating Custom Identity Event Plug-Ins |
||
Ensuring Compatibility with Earlier Portal Inserts |
||
Incorporating Customizations from Release 6.5 and 7.x |
||
Incorporating Customizations from Releases Earlier than 6.5 |
||
Validating Identity System Customization Upgrades |
||
Other Customizations (see worksheet)_________________________________________________ ___________________________________________________________________________________ ___________________________________________________________________________________ ___________________________________________________________________________________ |
||
Backing Up Upgraded Identity System Customizations |
||
Access System Customizations Only |
||
Upgrading Auditing and Reporting for the Access Server |
||
Confirming Access System Failover and Load Balancing |
||
Upgrading Forms-based Authentication |
||
Recompiling and Redesigning Custom Authentication and Authorization Plug-Ins |
||
Associating Release 6.1.1 Authorization Rules with Access Policies |
||
Assuring Proper Authorization Failure Re-directs After Upgrading from 6.1.1 |
||
Updating the ObAMMasterAuditRule_getEscapeCharacter in Custom C Code |
||
Validating Access System Customization Upgrades |
||
Other Customizations (see worksheet)_________________________________________________ ___________________________________________________________________________________ ___________________________________________________________________________________ ___________________________________________________________________________________ |
||
Backing Up Upgraded Access System Customizations |
The checklist in Table E-19 may help you track the progress your customization upgrades. Specific procedures are described in Chapter 14, "Validating the Entire System Upgrade".
Table E-19 Checklist for Validating All Upgrades
Done | Checklist for Validating All Upgrades | Details |
---|---|---|
Deployment Name:_________________________________________________________________ Task owner:________________________________________________________________________ |
||
Prerequisites, all tasks in: |
||
Identity System-Only Deployments |
||
Validating the Identity System Upgrade |
||
Reverting Identity Server Backward Compatibility |
||
Joint Identity and Access System Deployments After performing all Identity System upgrade tasks described in this table, perform remaining tasks in this table to validate the upgraded Access System upgrade. |
||
Validating Access System Upgrades |
||
Deleting the Temporary Directory Server Profile |
||
Reverting Access Server Backward Compatibility |