13 Upgrading to Oracle Identity Manager 9.0.1 from Versions 8.5.2 or 8.5.3

Oracle Identity Manager has formerly been known as both Oracle Xellerate Identity Provisioning and also Thor Xellerate Identity Manager. The Oracle Identity Manager Audit and Compliance module, formerly known as Oracle Xellerate Audit and Compliance Manager, is a new, optional module that installs on top of Oracle Identity Manager and facilitates user profile auditing.

Upgrade Overview

Both Oracle Identity Manager and the Oracle Identity Manager Audit and Compliance module run on the WebSphere application server version 5.1.1.5. Upgrading from Oracle Xellerate Identity Provisioning version 8.5.2 or 8.5.3 (henceforth referred to collectively as version 8.5.x) to Oracle Identity Manager version 9.0.1, and upgrading from the Oracle Xellerate Audit and Compliance Manager 8.5.x to Oracle Identity Manager Audit and Compliance module 9.0.1 requires upgrading with the Oracle Identity Manager version 9.0.1 application.

The following is a list of the steps required in the upgrade process:

1. Upgrade the database you used for Oracle Xellerate Identity Provisioning 8.5.x. Refer to "Upgrading Your Database" for more information.

2. Prepare for the upgrade to Oracle Identity Manager 9.0.1 by performing the pre-upgrade configuration tasks. Refer to "Pre-Upgrade Configuration" for more information.

3. Migrating any version 8.5.x custom code to your new Oracle Identity Manager 9.0.1 deployment. Refer to "Migrating Custom Code to 9.0.1" for more information.

4. Upgrade your legacy Oracle Xellerate Identity Provisioning 8.5.x deployment to Oracle Identity Manager 9.0.1. Refer to "Migrating Custom Code to 9.0.1" for more information.

5. Perform the post-upgrade configuration tasks. Refer to "Post-Upgrade Configuration" for more information.

6. Update the Design Console xlDataObjectBeans.jar file. Refer to "Updating the Design Console xlDataObjectBeans.jar" for more information.

7. Upgrade to the version 9.0.1 Diagnostic Dashboard. Refer to "Upgrading the Diagnostic Dashboard" for more information.

Note: This chapter describes upgrade from Oracle Xellerate Identity Provisioning 8.5.2 or 8.5.3 to Oracle Identity Manager version 9.0.1, with optional addition of the Oracle Identity Manager Audit and Compliance. The Oracle Identity Manager 9.0.1 upgrade package is contained in upg_852_853_to_901.zip. Extract the contents of this package to a temporary directory on the machine where your existing 8.5.x installation is located. Henceforth, this document refers to this temporary directory as <Patch>. If you are running an earlier version of Oracle Xellerate Identity Provisioning, contact Oracle Technical Support for the appropriate upgrade patch.

Note: his document only covers upgrading to Oracle Identity Manager 9.0.1 from an Oracle Xellerate Identity Provisioning 8.5.x installation deployed on WebSphere application server.

Upgrading Your Database

Upgrade the database used by your Oracle Xellerate Identity Provisioning 8.5.x installation. You can choose among the following upgrade methods:

• Perform an in-place upgrade of the existing database configured for Oracle Xellerate Identity Provisioning 8.5.x.

• Create a new instance of the database, then import the data used by your Oracle Xellerate Identity Provisioning 8.5.x installation into that new database.

Upgrading an Existing Database Instance

This approach upgrades your existing database instance by upgrading the database schema while your database remains in-place.

1. Extract the contents of the Oracle Identity Manager 9.0.1 upgrade package (upg_852_853_to_901.zip) to a temporary directory on the machine that you plan to install Oracle Identity Manager 9.0.1. Henceforth, this document refers to this temporary directory as <Patch>.

2. Backup your existing database. As appropriate to your particular database, use the export/backup utilities provided with the Oracle database or SQL Server to perform a complete backup of your production database. Production database backup includes, but is not limited to, complete export or backup of the Oracle Xellerate Identity Provisioning 8.5.x database instance to ensure that no data is lost during the upgrade process. If the upgrade fails, this backup can be used to restore the database to its original state.

3. Verify your database configuration. Make sure that your existing database is properly configured. As appropriate for your database, consult the following documentation:

   Oracle

   "Setting Up the Oracle Database".

   SQL Server

   "Setting Up the SQL Server".

4. If you plan to install the optional Oracle Identity Manager Audit and Compliance module, you should create a separate file group for your SQL Server or a separate tablespace for Oracle databases to facilitate the new user profile auditing feature in version 9.0.1 of the Oracle Identity Manager Audit and Compliance module. If your database is SQL Server, you must create a new file group. If your database is Oracle, the new separate tablespace is not mandatory, but it is highly recommended for performance reasons.

   
   

   Note: Refer to "Creating a User Profile Audit File Group in SQL Server" for details on how to create a new file group in SQL Server. Refer to Oracle database documentation for details on setting up a tablespace for Oracle databases.

   
   

5. Upgrade your database schema from Oracle Xellerate Identity Provisioning 8.5.x to Oracle Identity Manager 9.0.1 by using the one of the following scripts appropriate for your database and operating system. Be sure to run the script on the machine where the database resides.

   Oracle

   
   

   Note: The xl_db_upg_852_853_to_901 script also upgrades the required stored procedures for Oracle.

   
   

   For Oracle on Unix/Linux:

   1. Enable execute permissions on the xl_db_upg_852_853_to_901.sh script:

   chmod 755 xl_db_upg_852_853_to_901.sh

   1. Run the following script on the drive where you want to upgrade your database schema:

   <Patch>/Database/Oracle/Scripts/xl_db_upg_852_853_to_901.sh

   1. Enter the appropriate information for the Oracle database when prompted by the xl_db_upg_852_853_to_901.sh script.

   For Oracle on Windows:

   1. Run the following batch script on the drive where you want to upgrade your database schema:

   <Patch>\Database\Oracle\Scripts\xl_db_upg_852_853_to_901.bat

   The following is the command line usage for the Oracle xl_db_upg_852_853_to_901.bat script:

   xl_db_upg_852_853_to_901.bat <ORACLE_SID>

   <ORACLE_HOME> <ORACLE_XELL_USER>

   <ORACLE_XELL_USER_PWD> <PATCH>

   SQL Server

   1. Run the <Patch>\Database\SQLServer\Scripts\upg_852_853_to_901.bat batch file.

      
      

      Note: Refer to "Executing the SQL Server Upgrade Script" for more information on executing these scripts on an SQL Server database.

      
      

6. New stored procedures have been introduced in Oracle Identity Manager 9.0.1. Perform the following steps to create the requisite stored procedures for your database:

   
   

   Note: If you are using an Oracle database, you can skip this step as running the xl_db_upg_852_853_to_901 script already created the required stored procedures for Oracle.

   
   

   SQL Server

   1. Launch a plain-text editor, then open:

      <Patch>\Database\SQLServer\StoredProcedures\compile_all_XL_SP.bat

   1. For every stored procedure listed in the Sequential Lists section of compile_all_XL_SP.bat, replace the string @sysuser with the database user name. This is necessary because SQL Server requires functions invoked from a stored procedure to be qualified by the database user name (owner). Be sure you replace the entire @sysuser string, including the @ character

   1. Run the script:

      <Patch>\Database\SQLServer\StoredProcedures\compile_all_XL_SP.bat

      
      

      Note: Refer to "Executing the SQL Server Upgrade Script" for details on executing this script on a SQL Server database.

      
      

7. To upgrade and enable the optional Oracle Identity Manager Audit and Compliance module, perform the following steps appropriate for your database:

   
   

   Note: This step is necessary only if you are upgrading from Oracle Xellerate Identity Provisioning 8.5.x to the 9.0.1 version of the Oracle Identity Manager Auditing and Compliance module.

   
   

   Oracle

   1. Log in to SQL *Plus with the credentials of the Oracle Xellerate Identity Provisioning 8.5.x database schema owner.

   1. Run the

      <Patch>/Database/Oracle/Scripts/Oracle_Enable_XACM.sql

      script.

   SQL Server

   1. Run the following script:

      <Patch>\Database\SQLServer\Scripts\SQLServer_Enable_XACM.bat

      
      

      Note: Refer to "Executing the SQL Server Upgrade Script" for details on executing this script on a SQL Server database.

      
      

8. The user profile auditing feature and the reports feature require that certain metadata be loaded into the database. As appropriate for the operating system on the machine hosting your Oracle Identity Manager server, load Oracle Identity Manager metadata into your database by executing one of the following commands:

   Windows

   1. Run the

      <Patch>\Database\Utilities\LoadXML.bat

      bat file.

   UNIX

   1. Run the

      <Patch>\Database\Utilities\LoadXML.sh

      script.

      
      

      Note: Refer to "Loading Metadata into the Database" for more information on executing this script.

      
      

Creating a New, Upgraded Database Instance

This approach creates a new database instance, then upgrades it with the database schema for Oracle Identity Manager 9.0.1. This method ensures that your current working database remains available if a rollback is required. Use the following steps for creating a new, upgraded database instance:

1. Backup your existing database. As appropriate to your particular database, use the export/backup utilities provided with the Oracle database or SQL Server to perform a complete backup of your production database. Production database backup includes, but is not limited to, complete export or backup of the Oracle Xellerate Identity Provisioning 8.5.x database instance to ensure that no data is lost during the upgrade process. If the upgrade fails, this backup can be used to restore the database to its original state.

2. Export the existing database data using the export/backup utilities for your Oracle or SQL Server database.

3. Create a new database. See "Setting Up the Oracle Database" or "Setting Up the SQL Server" for more information.

   
   

   Note: If you create a new Oracle database, make sure to specify the username and password used by your original database instance as the credentials for your new database.

   
   

4. Using the import utility provided by your particular database, import the data you exported from your original database in Step 2 into your newly created database you made in Step 3. This creates an exact copy of your original database instance.

5. If you plan to install the optional Oracle Identity Manager Audit and Compliance module, you should create a separate file group for your SQL Server or a separate tablespace for Oracle databases to facilitate the new user profile auditing feature in version 9.0.1 of the Oracle Identity Manager Audit and Compliance module. If your database is SQL Server, you must create a new file group. If your database is Oracle, the new separate tablespace is not mandatory, but it is highly recommended for performance reasons.

   
   

   Note: Refer to "Creating a User Profile Audit File Group in SQL Server" for details on how to create a new file group in SQL Server. Refer to Oracle database documentation for details on setting up a tablespace for Oracle databases.

   
   

6. Upgrade your database schema from Oracle Xellerate Identity Provisioning 8.5.x to Oracle Identity Manager 9.0.1 by using one of the following scripts appropriate for your database and operating system. Be sure to run the script on the machine where the database resides.

   Oracle

   
   

   Note: The xl_db_upg_852_853_to_901 script also upgrades the required stored procedures for Oracle.

   
   

   For Oracle on Unix/Linux:

   1. Enable execute permissions on the xl_db_upg_852_853_to_901.sh script:

      chmod 755 xl_db_upg_852_853_to_901.sh

   1. Run the following script on the drive where you want to upgrade your database schema:

      <Patch>/Database/Oracle/Scripts/xl_db_upg_852_853_to_901.sh

   1. Enter the appropriate information for the Oracle database when prompted by the

      xl_db_upg_852_853_to_901.sh

      script.

   For Oracle on Windows:

   1. Run the following batch script on the drive where you want to upgrade your database schema:

      <Patch>\Database\Oracle\Scripts\xl_db_upg_852_853_to_901.bat

      The following is the command line usage for the Oracle xl_db_upg_852_853_to_901.bat script

      xl_db_upg_852_853_to_901.bat <ORACLE_SID>

      <ORACLE_HOME> <ORACLE_XELL_USER>

      <ORACLE_XELL_USER_PWD> <PATCH>

   SQL Server

   1. Run the

      <Patch>\Database\SQLServer\Scripts\upg_852_853_to_901.bat

      bat file.

      
      

      Note: Refer to "Executing the SQL Server Upgrade Script" for more information on executing these scripts on an SQL Server database.

      
      

7. New stored procedures have been introduced in Oracle Identity Manager 9.0.1. Perform the following steps to create the requisite stored procedures for your database:

   
   

   Note: If you are using an Oracle database, you can skip this step as running the xl_db_upg_852_853_to_901 script already created the required stored procedures for Oracle.

   
   

   SQL Server

   1. Launch a plain-text editor, then open

      <Patch>\Database\SQLServer\StoredProcedures\compile_all_XL_SP.bat

   1. For every stored procedure listed in the Sequential Lists section of compile_all_XL_SP.bat, replace the string @sysuser with the database user name. This is necessary because SQL Server requires functions invoked from a stored procedure to be qualified by the database user name (owner).

   1. Run the script

      <Patch>\Database\SQLServer\StoredProcedures\compile_all_XL_SP.bat

      
      

      Note: Refer to "Executing the SQL Server Upgrade Script" for details on executing this script on a SQL Server database.

      
      

8. To upgrade and enable the optional Oracle Identity Manager Audit and Compliance module, perform the following steps appropriate for your database:

   
   

   Note: This step is necessary only if you are upgrading from Oracle Xellerate Identity Provisioning 8.5.x to the 9.0.1 version of the Oracle Identity Manager Auditing and Compliance module.

   
   

   Oracle

   1. Log in to SQL *Plus with the credentials of the Oracle Xellerate Identity Provisioning 8.5.x database schema owner.

   1. Run the

      <Patch>/Database/Oracle/Scripts/Oracle_Enable_XACM.sql

      script.

   SQL Server

   1. Run the script

      <Patch>\Database\SQLServer\Scripts\SQLServer_Enable_XACM.bat

      
      

      Note: Refer to "Executing the SQL Server Upgrade Script" for details on executing this script on a SQL Server database.

      
      

9. The user profile auditing feature and the reports feature require that certain metadata be loaded into the database. As appropriate for the operating system on the machine hosting your Oracle Identity Manager server, load Oracle Identity Manager metadata into your database by executing one of the following commands:

   Windows

   1. Run the <Patch>\Database\Utilities\LoadXML.bat batch file

   UNIX

   1. Run the <Patch>/Database/Utilities/LoadXML.sh script.

      
      

      Note: Refer to "Loading Metadata into the Database" for more information on executing this script.

      
      

Pre-Upgrade Configuration

Before you upgrade to the Oracle Identity Manager 9.0.1, you must prepare for the upgrade by performing pre-upgrade configuration tasks to the following components:

• Oracle Identity Manager Server

• Remote Manager

• Design Console

Pre-Upgrade Configuration for the Oracle Identity Manager Server

Prepare the Oracle Identity Manager Server for upgrade to 9.0.1 by updating 8.5.x libraries, scripts, and configuration files using the following steps.

Note: If upgrading from a clustered WebSphere environment, perform the following steps on all cluster members, including the model node.

1. Backup the following directories.

   • <XL_85x_HOME>\xellerate\bin

   • <XL_85x_HOME>\xellerate\config

   • <XL_85x_HOME>\xellerate\DDTemplates

   • <XL_85x_HOME>\xellerate\ext

   • <XL_85x_HOME>\xellerate\lib

   • <XL_85x_HOME>\xellerate\setup

   • <XL_85x_HOME>\xellerate\webapp

   • <XL_85x_HOME>\documentation

2. Copy the directories and files listed in the location of the From column in the following table to the location listed in the To column in the following table. Overwrite the existing files in the To location if necessary.

   Table 13-1 Oracle Identity Manager Server Pre-Upgrade Files to Copy

   Copy From...	To
   Patch\xellerate\config	<XL_HOME>\xellerate\config
   Patch\xellerate\DD Templates	<XL_HOME>\xellerate\DD Templates
   Patch\xellerate\ext	<XL_HOME>\xellerate\ext
   Patch\xellerate\lib	<XL_HOME>\xellerate\lib
   Patch\xellerate\bin	<XL_HOME>\xellerate\bin
   Patch\xellerate\webapp	<XL_HOME>\xellerate\webapp
   Patch\documentation	<XL_HOME>\documentation
   Patch\xellerate\readme.htm	<XL_HOME>

   
   

3. Copy the following files from Patch\xellerate\setup to <XL_HOME>\xellerate\setup:

   • setup.xml

   • websphere-setup.xml

   • patch_websphere.cmd

   • patch_websphere.sh

4. Edit the <XL_HOME>\xellerate\setup\patch_websphere script as follows:

   Windows

   1. Open patch_weblogic.cmd and make the following changes:

      replace @java_home with the path to the Java installation directory

      replace @wasHome with the path to the WebSphere installation directory

      replace @loc with the path to the Oracle Identity Manager server installation directory

   UNIX

   1. Open patch_weblogic.sh and make the following changes:

      replace @java_home with the path to directory containing the JDK

      replace @loc with the path to the Oracle Identity Manager server installation directory

5. Use a text editor to edit the PurgeCache script in the <XL_HOME>\xellerate\bin\ directory. For Windows, edit the PurgeCache.bat file. For UNIX, edit the PurgeCache.sh file.

   • Replace oscache-2.0.2-22Jan04.jar with oscache.jar in the definition of the CLASSPATH environment variable.

6. Modify the <XL_HOME>/xellerate/config/xlconfig.xml file. See "Upgrading the Server Configuration File" for more information.

7. Modify the <XL_HOME>/xellerate/config/FormMetaData.xml. See "Upgrading the Metadata File" for more information.

8. As of version 9.0.1, and for all future releases, the log.properties file replaces the log.conf file as the Oracle Identity Manager server configuration log file. Complete the following steps to migrate all the version 8.5.x logging settings:

   1. Copy any version 8.5.x custom logging-related settings that exist in the log.conf file, which resides in the backup directory <XL_85x_HOME>/config/, to the log.properties file, which resides in the directory <XL_HOME>/xellerate/config/.

      
      

      Note: Copy only the custom logging-related settings in the log.conf file, not the syntax of the 8.5.x log.conf file.

      
      

   1. You must convert the formatting of the log-level settings in log.conf to new formatting in the log.properties file. For example, a logging-related entry in log.conf might look similar to the following:

      Logger.module.ADAPTERS=WARN

      The corresponding entry in log.properties might look like the following:

      # log4j.logger.XELLERATE.ADAPTERS=WARN

      You need to uncomment the line, then set the parameter to the value already set in the log.conf entry, so that the log.properties entry looks something like the following:

      log4j.logger.XELLERATE.ADAPTERS=WARN

      Repeat this for all logging-related entries, then save and close the file.

9. Edit the <XL_HOME>/xellerate/config/log.properties file. Locate log4j.logger.XELLERATE.CACHEMANAGEMENT and add the following lines after it:

   #log4j.logger.XELLERATE.ATTESTATION=DEBUG#log4j.logger.XELLERATE.AUDITOR=DEBUG

   Uncomment these two lines as needed and set appropriate log levels to enable logging for attestation and auditing respectively.

10. Remove the following libraries from the <XL_HOME>\xellerate\ext directory:

    • classes12.zip

    • csv-1.0.jar

    • oscache-2.0.2-22Jan04.jar

    • sax.jar

    • dom.jar

    • jaxp-api.jar

11. Edit the <XL_HOME\xellerate\Profiles\websphere.profile file as follows according to your database:

    Oracle

    1. Locate the database.type property and add the following lines immediately after it:

       # Reporting data sourcedatasource.report=jdbc/xlXADS

    1. Locate the datasource.database.driver.classpath. Change the value to the following:

       <XL_HOME>/ext/ojdbc14.jar

    SQL Server

    1. Locate the database.type property and add the following lines immediately after it:

       # Reporting data sourcedatasource.report=jdbc/xlXADS

Pre-Upgrade Configuration for the Design Console

Prepare the Oracle Identity Manager Design Console for upgrade to 9.0.1 by updating 8.5.x libraries, scripts, and configuration files using the following steps:

1. Backup the following files and directories:

   • <XL_85x_DC_HOME>\xlclient\XLDesktopClient.ear

   • <XL_85x_DC_HOME>\xlclient\CustomClient.zip

   • <XL_85x_DC_HOME>\xlclient\ext

   • <XL_85x_DC_HOME>\xlclient\lib

   • <XL_85x_DC_HOME>\documentation

2. Copy the following files form Patch\xlclient\ to the <XL_DC_HOME>\xlclient directory, overwriting existing files if necessary:

   • Patch\xlclient\ws.properties

   • Patch\xlclient\fvc.properties

   • Patch\xlclient\FVCutil_websphere.cmd

   • Patch\xlclient\XLDesktopClient.ear

   • Patch\xlclient\CustomClient.zip

   • Patch\xlclient\xlFvcUtil.ear

3. Copy the contents of the Patch\documentation directory to <XL_DC_HOME>\documentation, overwriting files if necessary.

4. Copy Patch\xellerate\readme.htm to <XL_DC_HOME>\xlclient\, overwriting the existing file if necessary.

5. Copy the contents of the Patch\xlclient\ext directory to <XL_DC_HOME>\xlclient\ext, overwriting files if necessary.

6. Copy the contents of the Patch\xlclient\lib directory to <XL_DC_HOME>\xlclient\lib, overwriting files if necessary.

7. Remove the following from the <XL_DC_HOME>\xlclient\ext\ directory:

   • classes12.zip

   • csv-1.0.jar

   • oscache-2.0.2-22Jan04.jar

8. Open the <XL_DC_HOME>\xlclient\FVCutil_websphere.cmd file. Set the following environment variable values:

   • WS_HOME to the path of the WebSphere application server client installation directory

   • XLCLIENT_HOME to the path of the Design Console installation directory

9. Open the <XL_DC_HOME>\xlclient\wsxlclient.cmd file. Add an argument called propfile in place of classpath. For example, replace the following lines:

   "%WS_HOME%\bin\launchclient" XLDesktopClient.ear ^ 
   -CCclasspath=%CLASSPATH% ^ -CCsecurityMgrPolicy=./config/xl.policy ^ 
   -CCDXL.HomeDir=. ^ -CCDjava.security.auth.login.config=./config/authws.conf ^ -CCDwas.home="%WS_HOME%"
   
   

   with

   "%WS_HOME%\bin\launchclient" XLDesktopClient.ear 
   -CCpropfile=<XL_DC_HOME>/ws.properties 
   -CCsecurityMgrPolicy=@loc/config/xl.policy 
   -CCDXL.HomeDir=@loc 
   -CCDjava.security.auth.login.config=@loc/config/authws.conf 
   -CCDwas.home="%WS_HOME%"
   
   

10. Open the <XL_DC_HOME>\xlclient\xlCustomClient.bat file. Replace java.naming.provider.url with log4j.configuration.

    
    

    Note: Skip this step if <XL_DC_HOME>\xlclient\xlCustomClient.bat is not present

    
    

    For example, replace the following:

    java -Djava.security.manager -DXL.HomeDir=. 
    -DXL.ClientClassName=%CLIENT_CLASS% 
    -Djava.security.policy=config\xl.policy 
    -Djava.security.auth.login.config=config\auth.conf -Djava.naming.provider.url=jnp://10.1.1.58:1099/ com.thortech.xl.client.CustomAPIClient
    
    

    with

    java -Djava.security.manager -DXL.HomeDir=. 
    -DXL.ClientClassName=%CLIENT_CLASS% 
    -Djava.security.policy=config\xl.policy 
    -Djava.security.auth.login.config=config\auth.conf -Dlog4j.configuration=config\log.properties 
    com.thortech.xl.client.CustomAPIClient
    
    

Pre-Upgrade Configuration for the Remote Manager

Prepare the Oracle Identity Manager Remote Manager for upgrade to 9.0.1 by updating 8.5.x libraries, scripts, and configuration files using the following steps:

1. Backup the <XL_85x_RM_HOME>\xlremote\lib directory.

2. Copy the contents of the Patch\xlremote\lib directory to the <XL_RM_HOME>\xlremote\lib directory, overwriting files if necessary.

3. Open the <XL_RM_HOME>\xlremote\remotemanager.bat file. Locate the following entries:

   -cp %CLASSPATH%

   and

   -DXL.HomeDir

   
   

   Note: The -cp %CLASSPATH% and -DXL.HomeDir entries are not on separate lines in the remotemanager.bat file, but are listed separately here for clarity.

   
   

   Add the following between these two lines:

   -Dlog4j.configuration=config\log.properties

   For example, replace

   <XL_RM_HOME>\xlremote\java\bin\java -cp %CLASSPATH%
   -DXL.HomeDir=<XL_RM_HOME>\xlremote 
   com.thortech.xl.remotemanager.RemoteManager
   
   

   with

   <XL_RM_HOME>\xlremote\java\bin\java -cp %CLASSPATH%
   -Dlog4j.configuration=config\log.properties
   -DXL.HomeDir=<XL_RM_HOME>\xlremote
   
   

4. As of version 9.0.1, and for all future releases, the log.properties file replaces the log.conf file as the Remote Manager configuration file. Complete the following steps to migrate all the Remote Manager logging settings:

   1. Copy the <XL_HOME>xellerate/config/log.properties file from the version 9.0.1 server installation directory to the version 9.0.1 Remote Manager <XL_RM_HOME>/xlremote/config/ installation directory.

   2. Copy any version 8.5.x custom logging-related settings that may exist in the file log.conf, which resides in the directory <XL_85x_RM_HOME>/xlremote/config/, to the file log.properties, which resides in the directory <XL_RM_HOME>/xlremote/config/.

      
      

      Note: Copy only the custom logging-related settings in the log.conf file, not the syntax of the 8.5.x log.conf file.

      
      

   3. You must convert the formatting of the log-level settings in log.conf to new formatting in the log.properties file. For example, a logging-related entry in log.conf might look similar to the following:

      Logger.module.RemoteManager=WARN

      The corresponding entry in log.properties might look like the following:

      # log4j.logger.XELLERATE.RemoteManager=DEBUG

      You need to uncomment the line, then set the parameter to the value already set in the log.conf entry, so that the log.properties entry looks something like the following:

      log4j.logger.XELLERATE.RemoteManager=WARN

      Repeat this for all logging-related entries, then save and close the file.

5. Upgrade the xlconfig.xml file in <XL_RM_HOME>/xlremote/config/. See "Upgrading the Remote Manager Configuration File" for more information.

Migrating Custom Code to 9.0.1

In a version 9.0.1 environment, you can recycle custom code (including custom clients, scheduled tasks, event handlers and libraries bound to adapters) originally used in your version 8.5.x environment.

Note: Before migrating custom code from the 8.5.x environment, the custom code must first be rebuilt using the Oracle Identity Manager 9.0.1 libraries.

Recompiling Custom Code

Custom code written for Oracle Xellerate Identity Provisioning 8.5.x needs to be rebuilt using the Oracle Identity Manager 9.0.1 libraries, which are located in <XL_HOME>/xellerate/lib.

Using the integrated development environment (that is, Eclipse, JDeveloper, WASD or command line javac) that originally compiled the version 8.5.x custom code, recompile all custom java code using Oracle Identity Manager 9.0.1 libraries instead of Oracle Xellerate Identity Provisioning 8.5.x libraries.

Migrating Adapters

Custom java libraries bound to functional Oracle Xellerate Identity Provisioning 8.5.x adapters can be reused in a Oracle Identity Manager 9.0.1 environment after they have been recompiled using Oracle Identity Manager 9.0.1 libraries.

The recompiled custom java libraries that were originally in the directory <XL_85x_HOME>/xellerate/JavaTasks must be copied to the directory <XL_HOME>/xellerate/JavaTasks.

The recompiled custom java libraries that were originally in the directory <XL_85x_RM_HOME>/xlremote/JavaTasks must be copied to the directory <XL_RM_HOME>/xlremote/JavaTasks.

Note: In a clustered environment you must repeat this step on all cluster members.

Note: You do not need to recompile the adapters themselves.

Migrating Scheduled Tasks

Custom scheduled tasks that were functional in Oracle Xellerate Identity Provisioning 8.5.x can be reused in your Oracle Identity Manager 9.0.1 environment after you have recompiled them using Oracle Identity Manager 9.0.1 libraries.

The recompiled custom scheduled tasks in <XL_85x_HOME>/xellerate/ScheduleTask need to be copied to the directory <XL_HOME>/xellerate/ScheduleTask.

Note: BIn a clustered environment you must repeat this step on all cluster members.

Migrating Event Handlers

Custom event handlers that were functional in Oracle Xellerate Identity Provisioning 8.5.x can be reused in your version 9.0.1 environment after you have recompiled them using Oracle Identity Manager 9.0.1 libraries.

The recompiled custom event handlers must be copied to the directory <XL_HOME>/xellerate/EventHandlers.

Note: BIn a clustered environment you must repeat this step on all cluster members.

Migrating xlWebApp Customizations

You must reapply within the 9.0.1 environment any customizations (for instance, JSP customizations) made to the web application shipped with Oracle Xellerate Identity Provisioning 8.5.x.

Migrate any customizations previously applied to your version 8.5.x web application to the out-of-box version 9.0.1 web application xlWebApp.war, which resides in the directory <XL_HOME>/xellerate/webapp.

Migrating Custom Clients

Any custom clients that were built using Oracle Xellerate Identity Provisioning 8.5.x APIs must be updated and recompiled to make them compatible with the Oracle Identity Manager 9.0.1 APIs. For example, certain APIs might have been deprecated or replaced by new APIs. Refer to the Oracle Identity Manager Release Notes for a comprehensive list of API calls that have changed between Oracle Xellerate Identity Provisioning 8.5.x and Oracle Identity Manager 9.0.1.

Performing the Upgrade to 9.0.1

Upgrading from an existing Oracle Xellerate Identity Provisioning 8.5.x deployment to Oracle Identity Manager 9.0.1 involves assembling a new enterprise application archive (EAR) file from the latest libraries, then redeploying the EAR. For clustered WebSphere deployments, this is done on the deployment manager. For a non-clustered WebSphere deployment, this is done on the application server.

Perform the following steps to upgrade an existing Oracle Xellerate Identity Provisioning 8.5.x deployment to Oracle Identity Manager 9.0.1 in a Websphere environment:

1. Enable SOAP communication to NDM/WAS for the patch utility. Edit the <NDM|WAS_INSTALL_DIR>\properties\soap.client.props to enable security with the following properties:

   com.ibm.SOAP.securityEnabled=true
   com.ibm.SOAP.loginUserid=xelsysadm
   com.ibm.SOAP.loginPassword=xelsysadm
   
   

2. Make sure the WebSphere application server is running. For clustered environments, make sure WebSphere application server and Deployment Manager is running on all nodes in the cluster. Run the patch_websphere script:

   Windows

   • Run <XL_HOME>\xellerate\setup\patch_websphere.cmd

   UNIX

   • Run <XL_HOME>\xellerate\setup\patch_webpshere.sh

3. Perform the following steps after running the patch_websphere script:

   1. Stop the application server. If upgrading in a clustered environment, stop the application server on all nodes.

   2. Remove classes12.zip from the <WEBSPHERE_HOME>\AppServer\lib\ext directory. If upgrading in a clustered environment, remove classes12.zip from the <WEBSPHERE_HOME>\AppsServer\lib\ext directory on all nodes.

   3. For clustered environments, you must also copy the following files from Patch\xellerate\lib to <WEBSPHERE_HOME>\AppServer\lib\ext on all nodes:

      xlAuthentication.jar

      xlUtils.jar

      xlLogger.jar

      xlCrypto.jar

   4. For clustered environments, you must also copy the ojdbc14.jar file from Patch\xellerate\ext to <WEBSPHERE_HOME>\AppServer\lib\ext on all nodes.

   5. For clustered environments, you must also copy Patch\xellerate\ext\nexaweb-common.jar to <WEBSPHERE_HOME>\AppServer\lib on all nodes in the cluster.

   6. Start the application server.

Post-Upgrade Configuration

The following post-upgrade configurations are necessary to complete the upgrade process.

Post-Upgrade Configuration for the Audit and Compliance Module

The following post-upgrade configuration procedures might be necessary if you have installed the Oracle Identity Manager Audit and Compliance module (previously named Oracle Xellerate Auditing and Compliance Manager in 8.5.x). The following is an overview of the process:

1. Set the user profile audit level

2. Generate user snapshots

3. Execute the Generate Snapshot script

Setting the User Profile Audit Level

1. Define a secondary data source for reporting, if necessary. Refer to the Oracle Identity Manager Audit Report Developer's Guide for more information on defining a secondary data source.

2. Start the application server hosting your Oracle Identity Manager server.

3. Set the audit level. The permissible values, in descending order are:

   • Process Task

   • Resource Form

   • Resource

   • Membership

   • Core

   • None

   Specify an audit level by completing the following sub-steps:

   1. Log into the Design Console as an administrator

   2. Navigate to the System Configuration page

   3. Locate XL.UserProfileAuditDataCollection and set its value to Resource Form or the appropriate audit level

4. To collect user profile audit data in the secondary reporting data store, complete the following sub-steps:

5. Log into the Design Console as an administrator

6. Navigate to the System Configuration page

7. Locate XL.UserProfileAuditInSecondaryDS and set its value to TRUE.

Generating User Snapshots

If you installed the Oracle Identity Manager Audit and Compliance module (previously named Oracle Xellerate Auditing and Compliance Manager in 8.5.x), you must generate new snapshots for all existing users in the system when either of the following two situations occur:

• You upgrade from version 8.5.x to version 9.0.1 with the Oracle Xellerate Auditing and Compliance Manager module

• You elevate the audit level for Audit and Compliance module

To generate new snapshots, complete the following steps:

1. Launch a plain-text editor and open the file GenerateSnapshot script located in the <XL_HOME>/xellerate/bin/ directory. If you are running on Windows, open GenerateSnapshot.bat. If you are running on UNIX, open GenerateSnapshot.sh.

2. Edit the following variables in the GenerateSnapshot script:

   1. Modify the set XEL_HOME= variable to point to the directory where you installed Oracle Identity Manager.

   2. Modify the set APP_SERVER=@appserver variable to be:

      set APP_SERVER=websphere

   3. Modify the set APP_SERVER_HOME=@app_server_home variable to point to the directory where you installed WebSphere.

   4. Modify the set JAVA_HOME=@jdk_loc variable to point to the directory containing the JDK.

   5. If you are running on Windows and using SQL Server as your database, set the SQL_SERVER_DRIVER_DIR variable in GenerateSnapshot.bat to point to the directory containing the SQL Server JDBC drivers and remove the comment for the line. For example, change:

      REM set SQL_SERVER_DRIVER_DIR=C:\Program Files\Microsoft SQL Server 2000 Driver for JDBC\lib

      to the following:

      set SQL_SERVER_DRIVER_DIR=<Set appropriate value here>

3. Execute one of the following GenerateSnapshot scripts as appropriate for the operating system on the machine hosting the Design Console:

   Windows

   • Run the batch file GenerateSnapshot.bat, which resides in the directory <XL_HOME>/xellerate/bin/.

   UNIX

   • Run the batch file GenerateSnapshot.sh, which resides in the directory <XL_HOME>/xellerate/bin/.

Updating the Design Console xlDataObjectBeans.jar

You must copy the xlDataObjectBeans.jar file in the newly patched EAR (xellerate.ear) to the design console libraries folder. Use the following steps:

1. Extract xlDataObjectBeans.jar from xellerate.ear using the following steps:

   1. Log into WebSphere Admin Console

   2. Navigate to Applications à Enterprise Applications

   3. Choose Xellerate and click Export

   4. Save the generated xellerate.ear

   5. Extract xlDataObjectBeans.jar from xellerate.ear

2. Copy this xlDataObjectBeans.jar to <XL_DC_HOME>\xlclient\lib

Upgrading the Diagnostic Dashboard

To upgrade your existing 8.5.x Diagnostic Dashboard to version 9.0.1, you must install a new instance of the Diagnostic Dashboard. Use the following steps to upgrade to the 9.0.1 Diagnostic Dashboard:

1. Remove the existing XIMDD application

2. Install a new instance of the XIMDD application using the new, version 9.0.1 XIMDD.war file in the Patch\DiagnosticDashboard directory

3. Refer to "Installing the Diagnostic Dashboard" for more information.