| Oracle® Access Manager Upgrade Guide 10g (10.1.4.2.0) Part Number B32416-01 |
|
|
View PDF |
| Oracle® Access Manager Upgrade Guide 10g (10.1.4.2.0) Part Number B32416-01 |
|
|
View PDF |
This appendix organizes planning details and deliverables, and tracking summaries, into tables that you can use as you prepare for and upgrade your deployments. Planning deliverables include documentation that you prepare where you have defined and recorded a detailed plan that identifies how the upgrade process is to be performed within each of your deployments. Whether you are performing an in-place upgrade or you are using the zero downtime upgrade method, the details that you need to collect for each component and the deployment are the same. Topics in this appendix include:
Summary of Information Needed for Directory Server Instances
Summary of Details Needed for Earlier Policy Manager Instances
Summary of Details for Integration Components and Independently Installed SDKs
Summary of Upgrading Schema and Data: In-Place Upgrade Method
Before you start any upgrade activity, Oracle recommends that you review all information related to the upgrade method that you have chosen:
Chapter 1 provides an overview of upgrade tasks and planning activities. It includes the following topics:
Planning Considerations for System Downtime During In-Place Upgrades
Planning Considerations for Extranet and Intranet Deployments
Note:
If you are using the zero downtime upgrade method, see also Chapter 15.Chapter 2 introduces upgrade concepts, strategies, and processing methods. Topics in this chapter include
Upgrade Strategies When Support is Changed or Deprecated
Note:
If you are using the zero downtime upgrade method, see also Chapter 15.Chapter 3 introduces both the automated processes that are initiated when you start a component upgrade and manual tasks that you must perform
Note:
If you are using the zero downtime upgrade method, see also Chapter 15.Any details that you can access and print in your earlier installation will save you time and eliminate the possibility of errors. For example, consider printing directory server profiles and DB instance profiles, as well as COREid Server, WebPass, Access Server, and WebGate configuration pages. You might want to create and fill in your own documentation while collecting information. In this case, you can use the summaries in this appendix as a guide. Which ever method you choose, your planning deliverables provide a point of reference for the information that you collect and use during the upgrade.
Note:
Be sure to store printed information and other recorded details about your installation in a secure location.For more information, see "In-Place Upgrade Planning and Deliverables" or "Developing a Plan for a Zero Downtime Upgrade" .
The tables in this appendix are provided to help you see the details needed and track the progress of tasks that are completed as you and your team perform upgrade activities in your enterprise. You will find information about how to perform each task in chapters within this manual. Most items in the summary are links to more information.
Table F-1 summarizes the general information that you need to collect when planning for an upgrade.
Table F-1 Details for Your Overall Deployment
| Task | Subtask | Overall Deployment Summary |
|---|---|---|
|
0 |
0.1 |
Deployment Name: ________________________________________________________________ Deployment Type (circle all that apply): Identity System Only Joint Identity and Access System Intranet Deployment Extranet Deployment Development Test/Demo QA Production Other Master Administrator for this deployment:___________________________________________ Deterministic test script developed by:_______________________________________________ Date of the last validation of system operation:________________________________________ |
|
0.2 |
Total number of each component in this environment: Identity Servers:____________________________________________________________________ WebPass Instances:_________________________________________________________________ Independently installed SDKs:________________________________________________________ Identity customizations:_____________________________________________________________ If Joint Identity and Access System, enter, total number of: Policy Managers (formerly known as Access Manager component):_______________________ Access Servers:____________________________________________________________________ WebGates:________________________________________________________________________ Custom AccessGates:_______________________________________________________________ Access customizations:_____________________________________________________________ Integration connectors:_____________________________________________________________ __________________________________________________________________________________ |
|
|
0.3 |
Total number of (and potential downtime windows for): Directory Instances for Identity Servers only:__________________________________________ Potential downtime windows:_______________________________________________________ If Joint Identity and Access System: Directory Instances for Policy Managers only:________________________________________ Potential downtime windows:____________________________________________________ Directory Instances used by both Identity Servers and Policy Managers:_________________ Potential downtime windows:_______________________________________________________ |
|
|
0.4 |
Applications that depend on this deployment, owners, and potential downtime windows: __________________________________________________________________________________ __________________________________________________________________________________ __________________________________________________________________________________ __________________________________________________________________________________ __________________________________________________________________________________ __________________________________________________________________________________ __________________________________________________________________________________ |
|
|
0.5 |
Change control procedures:__________________________________________________________ __________________________________________________________________________________ Scheduled maintenance windows:_____________________________________________________ __________________________________________________________________________________ Off hours operation windows:_______________________________________________________ __________________________________________________________________________________ |
|
|
0.6 |
Potential Identity System Downtime Estimates: Preparing for the Identity Schema and Data Upgrade:___________________________________ Directory Server Backups:____________________________________________________________ File System Backups:_________________________________________________________________ Schema Upgrade:___________________________________________________________________ Data Upgrade:_____________________________________________________________________ Identity Server Component Upgrades:________________________________________________ WebPass Instance Upgrades:_________________________________________________________ Identity System Customization Upgrades:_____________________________________________ Identity System Customization Redeployment:_________________________________________ Identity System Customization After Upgrading:_______________________________________ Identity System Upgrade Validation:__________________________________________________ |
|
|
0.7 |
Potential Access System Downtime Estimates: Preparing for the Access Schema and Data Upgrade:____________________________________ Directory Server Backups:____________________________________________________________ File System Backups:_________________________________________________________________ Schema Upgrade:___________________________________________________________________ Data Upgrade:______________________________________________________________________ Policy Manager Component Upgrades:________________________________________________ Access Server Component Upgrades:_________________________________________________ WebGate Component Upgrades:_____________________________________________________ Access System Customization Upgrades:______________________________________________ Access System Customization Redeployment:__________________________________________ Access System Customization After Upgrading:_________________________________________ Access System Upgrade Validation:____________________________________________________ |
Table F-2 summarizes the information that you need for each directory server instance in your existing Oracle Access Manager installation.
Table F-2 Details for Directory Instances
| Task | Subtask | Directory Instance Details |
|---|---|---|
|
1 |
1.1 |
Directory server type:_______________________________________________________________ Directory server version:____________________________________________________________ Directory server patch level:_________________________________________________________ |
|
1.2 |
Directory Server Details Directory server DNS hostname or IP address:__________________________________________ Directory server port #: ______________________________________________________________ Root bind DN for Oracle Access Manager:______________________________________________ Root password______________________________________________________________________ Searchbase__________________________________________________________________________ Configuration base__________________________________________________________________ Directory server security mode Open SSL Disjoint searchbase___________________________________________________________________ |
|
|
1.3 |
Directory Server/RDBMS Profiles (for more information, see specific summary pages for each) ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ |
|
|
1.4 |
Master/replica configuration details: ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ |
|
|
1.5 |
Types of data in the directory server (circle all that apply): User Data Configuration Data Policy Data |
|
|
1.6 |
Person Object Class__________________________________________________________________ Group Object Class_________________________________________________________________ User full name attribute:_____________________________________________________________ User login ID attribute:_______________________________________________________________ Password attribute:_________________________________________________________________ |
|
|
1.7 |
User full name attribute: |
|
|
1.8 |
User login ID attribute: |
|
|
1.9 |
Password attribute: |
Table F-3 summarizes information that you need to collect about the DIT and object definitions. For more information, see Planning Deliverables. If you are performing a zero downtime upgrade, see
Table F-3 DIT and Object Definition Details
| Task | Subtask | DIT and Object Definition Details |
|---|---|---|
|
2 |
2.1 |
Directory server DNS hostname or IP address:__________________________________________ Directory server port #: _____________________________________________________________ |
|
2.2 |
DIT and schema objects used in Oracle Access Manager__________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ |
|
|
2.3 |
Object definition details for all objects managed through Oracle Access Manager: ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ |
Table F-4 summarizes information that you need to collect about each directory server or RDBMS profile. Consider printing this information from your existing installation.
Table F-4 Details for Directory Server/RDBMS Profiles for Oracle Access Manager
| Task | Subtask | Directory Server/RDBMS Profile Details |
|---|---|---|
|
3 |
3.1 |
Directory server DNS hostname or IP address:___________________________________________ Directory server port #: _______________________________________________________________ |
|
3.2 |
Directory Server Profile Profile Name____________________________________:___________________________________ Namespace (searchbase): _____________________________________________________________ Directory Type:______________________________________________________________________ Dynamic Auxiliary Classes |
|
|
3.3 |
Operations (circle all that apply) Search Operations: Search Entries Authenticate Users Read Operations: Read Entry Write Operations: Create Entry Modify Entry Delete Entry Change Password |
|
|
3.4 |
Used by components (record all that apply) All Identity Servers:_____________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ Access Servers_______________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ Policy Managers (formerly Access Managers)____________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ |
|
|
3.5 |
Write Operations: Create Entry Modify Entry Delete Entry Change Password |
|
|
3.6 |
Database Instances (for more information, see specific summary pages for each) ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ |
|
|
3.7 |
Maximum Active Servers:____________________________________________________________ Failover Threshold:__________________________________________________________________ Sleep for seconds:___________________________________________________________________ Max. Session Time (minutes):_________________________________________________________ |
Table F-5 summarizes information that you need to collect for each database instance profile associated with a directory server instance. Consider printing this information from your existing installation.
Table F-5 Details for DB Instance Profiles
| Task | Subtask | DB Instance Profile Details |
|---|---|---|
|
4 |
4.1 |
Directory Server Instance Name_______________________________________________________ Computer Name hosting the directory instance__________________________________________ Port Number: ______________________________________________________________________ Root DN:___________________________________________________________________________ Root DN Password:__________________________________________________________________ Time Limit:_________________________________________________________________________ Size Limit:__________________________________________________________________________ Flags: SSL Referral Fast Bind (AD only) Secure Port Number_________________________________________________________________ Initial Connections:__________________________________________________________________ Maximum Connections:______________________________________________________________ |
Table F-6 summarizes information that you need to collect about each Identity Server.
Table F-6 Details for Existing Identity Servers
| Task | Subtask | Existing Identity Server Details |
|---|---|---|
|
Prepare for Identity Server Upgrade in Environment: Total Number of Identity Servers in this environment: |
||
|
5 |
Identity Server Details Installation directory of this Identity Server _____________________________________________ Exact Patch Level____________________________________________________________________ Operating System and Patch Level_____________________________________________________ Installation directory for the associated WebPass_________________________________________ |
|
|
5.1 |
Default Locale (Administrator Language) Languages Language Packs |
|
|
5.2 |
Transport security mode between the Identity Server and WebPass: Open Simple Cert |
|
|
5.3 |
Unique Identity Server ID of this instance:______________________________________________ Host name of the computer where the Identity Server is installed__________________________ Port number for Identity Server/WebPass communication________________________________ |
|
|
5.4 |
Is this the master Identity Server? (There can be only one installed to update the schema/data) Directory server type___________________ _____________________________________________ For more information for this Directory Instance, see summary____ ______________________ |
|
|
5.5 |
Security mode between directory server and Identity Server: SSL Open |
|
|
If SSL, path to the Root CA certificate: |
||
|
Simple mode onlyGlobal Access Protocol pass phrase |
||
|
Cert Mode OnlyCertificate PEM pass phrase:__________________________________________________________ Path of the certificate request file:______________________________________________________ Path of the certificate file:_____________________________________________________________ Path of the key file:__________________________________________________________________ Path of the chain file:_________________________________________________________________ |
||
|
5.6 |
(Windows only) Unique Identity Server service name that will differentiate this instance in the Services window if you install several instances of Identity Server): |
|
|
5.7 |
Auditing configuration ____________________________________________________________________________________ ____________________________________________________________________________________ |
|
|
5.8 |
Password policy configuration ____________________________________________________________________________________ |
|
|
5.9 |
Any customizations (Identity Event plug-ins, styles, Portal Inserts and the like)? See summary pages: ____________________________________________________________________________________ ____________________________________________________________________________________ |
|
|
5.10 |
File-based changes (globalparams.xml, and the like)? ____________________________________________________________________________________ ____________________________________________________________________________________ |
Table F-7 summarizes information that you need to collect for each WebPass, some of which can be printed from the Identity System Console.
Table F-7 Details for Existing WebPass Instances
| Task | Subtask | Existing WebPass Details |
|---|---|---|
|
6 |
Prepare for WebPass Instances Upgrade in Environment: Total Number of WebPass Instances in this environment: |
|
|
6.1 |
WebPass Instance Details Installation directory of this WebPass Instance __________________________________________ Exact Patch Level____________________________________________________________________ Operating System and Patch Level_____________________________________________________ WebPass hostname:_________________________________________________________________
|
|
|
6.2 |
Default Locale (Administrator Language) Languages Language Packs Same Language Packs as the Identity Server |
|
|
6.3 |
Transport security mode between the Identity Server and WebPass: Open Simple Cert |
|
|
Simple mode onlyGlobal Access Protocol pass phrase |
||
|
Cert mode onlyCertificate PEM phrase:_______________________________________________________________ Path of the certificate request file:______________________________________________________ Path of the certificate file:_____________________________________________________________ Path of the key file:__________________________________________________________________ Path of the chain file:_________________________________________________________________ |
||
|
6.4 |
WebPass ID used by Oracle Access Manager to identify the instance: |
|
|
6.5 |
DNS hostname of the Identity Server with which this WebPass communicates:_______________ Installation directory for the associated Identity Server___________________________________ Identity Server Port # for communication with WebPass: |
|
|
6.6 |
Any customizations? ____________________________________________________________________________________ ____________________________________________________________________________________ |
|
|
6.7 |
File-based changes? ____________________________________________________________________________________ |
Table F-8 summarizes information that you need to collect for each existing Policy Manager (formerly known as the Access Manager component).
Table F-8 Details for Existing Policy Managers
| Task | Subtask | Existing Policy Manager Details |
|---|---|---|
|
7 |
Prepare for Policy Manager Upgrade in Environment: Total Number of Policy Managers in this environment: |
|
|
7.1 |
Policy Manager Instance Details Installation directory of this Policy Manager Instance ____________________________________ Exact Patch Level____________________________________________________________________ Operating System and Patch Level_____________________________________________________ Policy Manager hostname:___________________________________________________________
|
|
|
7.2 |
Default Locale (Administrator Language) Languages Language Packs |
|
|
7.3 |
Transport security mode between the Policy Manager and Access Servers: Open Simple Cert |
|
|
Simple mode onlyGlobal Access Protocol pass phrase: |
||
|
Cert mode onlyCertificate PEM phrase:_______________________________________________________________ Path of the certificate request file:______________________________________________________ Path of the certificate file:_____________________________________________________________ Path of the key file:__________________________________________________________________ Path of the chain file:_________________________________________________________________ |
||
|
7.4 |
Is this the master Policy Manager for the schema/data upgrade? Yes No Where is policy data stored? - User data directory server- Configuration data directory server- Separate directory server Directory server type___________________ ____________________________________________ Searchbase where user data is stored:__________________________________________________ Configuration DN:__________________________________________________________________ Policy base:________________________________________________________________________ For more information for this Directory Instance, see summary____ _____________________ |
|
|
If the security mode between the directory server and the Policy Manager is SSL, the path to the SSL certificate is:_________________________________________________________________ |
||
|
7.5 |
Person object class name: |
|
|
7.6 |
Policy Manager policy domain root: |
|
|
7.7 |
Configured authentication schemes? Yes No If Yes, select authentication scheme or schemes: Authentication Schemes - Basic Over LDAP - Client Certificate - Anonymous - Oracle Access and Identity - Oracle Access and Identity for AD Forests - Others ____________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ |
|
|
7.8 |
Configure Oracle Access Manager-related policy domains? Yes No If Yes, select policy domains: Policy Domains - Identity Domain (a default) - Access Domain (a default) Others _____________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ |
|
|
7.9 |
Configured policies to protect Oracle Access Manager-related URLs? Yes No Details_____________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________. |
|
|
7.10 |
Any customizations? ____________________________________________________________________________________ ____________________________________________________________________________________ |
|
|
7.11 |
File-based changes? ____________________________________________________________________________________ ____________________________________________________________________________________ |
Table F-9 summarizes information that you need to collect for each earlier Access Server. Consider printing some of this information from the Access System Console.
Table F-9 Details for Existing Access Servers
| Task | Subtask | Access Server Details |
|---|---|---|
|
8 |
Access Server Details Total number of Access Servers |
|
|
8.1 |
Access Server Instance Details Installation directory of this Access Server Instance ______________________________________ Exact Patch Level____________________________________________________________________ Operating System and Patch Level_____________________________________________________ |
|
|
8.2 |
Access Server Details in the System Console Access Server name__________________________________________________________________ Access Server host name______________________________________________________________ Port # the Access Server listens to______________________________________________________ Transport security between Access Server and associated WebGate: Open Simple Cert Associated WebGate ID_______________________________________________________________ Access Management flag On Off |
|
|
8.3 |
Default Locale (Administrator Language) Languages Language Packs |
|
|
8.4 |
Which directory server stores the configuration data? Same as Policy Manager directory server? Yes No Configuration DN_________________________________________________________________ If no, see summary for directory server instance________________________________________ Host computer______________________________________________________________________ Port number________________________________________________________________________ Root DN____________________________________________________________________________ Root DN password___________________________________________________________________ Directory type_______________________________________________________________________ Security mode between the configuration data directory server and the Access Server: Open SSL |
|
|
8.5 |
Which directory server stores the policy data?___________________________________________ Policy base__________________________________________________________________________ For more information about the directory server instance, see the summary for____________ ___________________________________________________________________________________ |
|
|
8.6 |
Save PEM phrase in a password file? (Simple and Cert modes only): Yes No |
|
|
Simple mode onlyGlobal Access Protocol pass phrase:____________________________________________________ Password file________________________________________________________________________ |
||
|
Cert mode onlyCertificate PEM phrase:_______________________________________________________________ Password file_______________________________________________________________________ Path of the certificate request file:______________________________________________________ Path of the certificate file:_____________________________________________________________ Path of the key file:__________________________________________________________________ Path of the chain file:_________________________________________________________________ |
||
|
8.7 |
Auditing configuration ____________________________________________________________________________________ ____________________________________________________________________________________ |
|
|
8.8 |
Any customizations (plug-ins, AccessGates, and the like), see summary pages: ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ |
|
|
8.9 |
File-based changes? ____________________________________________________________________________________ ____________________________________________________________________________________ |
Table F-10 summarizes information that you need to collect about each WebGate/AccessGate. Consider printing some of this information from the Access System Console.
Table F-10 WebGate/AccessGate Details
| Task | Subtask | WebGate/AccessGate Details |
|---|---|---|
|
9 |
Prepare for WebGate/AccessGate Upgrade in Environment: Total Number of WebGates in this environment:_________________________________________ Total number of custom AccessGates in this environment:_________________________________ |
|
|
9.1 |
WebGate/AccessGate Instance and Web Server Details Installation directory of this Instance ___________________________________________________ Exact Patch Level____________________________________________________________________ Operating System and Patch Level_____________________________________________________
|
|
|
9.2 |
WebGate/AccessGate Details in the Access System Console WebGate ID_________________________________________________________________________ WebGate hostname:__________________________________________________________________ WebGate port:_______________________________________________________________________ WebGate password__________________________________________________________________ Transport security between the Access Server and WebGate: Open Simple Cert Preferred http host___________________________________________________________________ HTTP cookie domain:________________________________________________________________ Cache timeout_______________________________________________________________________ |
|
|
9.3 |
Associated with Access Server ID______________________________________________________ Access Server DNS hostname__________________________________________________________ Port number on which Access Server listens_____________________________________________ Priority_____________________________________________________________________________ Number of connections_______________________________________________________________ |
|
|
9.4 |
Default Locale (Administrator Language) Languages Language Packs |
|
|
9.5 |
Transport security mode between the Access Server and WebGate/AccessGate: Open Simple Cert |
|
|
Simple mode onlyGlobal Access Protocol pass phrase____________________________________________________ |
||
|
Cert mode onlyCertificate PEM phrase:_______________________________________________________________ Path of the certificate request file:______________________________________________________ Path of the certificate file:_____________________________________________________________ Path of the key file:__________________________________________________________________ Path of the chain file:_________________________________________________________________ |
||
|
9.6 |
Virtual IP and DNS aliases used to reference the WebPass or Web server farm protected with WebGate____________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ |
|
|
9.7 |
Any customizations? ____________________________________________________________________________________ ____________________________________________________________________________________ |
|
|
9.9 |
File-based changes? ____________________________________________________________________________________ ____________________________________________________________________________________ |
Table F-11 summarizes information that you need to collect about Oracle Access Manager integration connectors for third-party products as well as independently installed software developer kits (SDKs).
Table F-11 Details for Integration Connectors and Independently Installed SDKs
| Task | Subtask | Integration Connectors and Independently Installed SDK Details |
|---|---|---|
|
10 |
Prepare for Upgrade in Environment: Total Number of Integration Connectors in this environment:_____________________________ Types of Integration Connectors in this environment:____________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ Total number of independently installed SDKs in this environment:________________________ |
|
|
10.1 |
Integration Connector/SDK Instance and Web/App/Portal Server Details Installation directory of this Connector/SDK ____________________________________________ Exact Patch Level____________________________________________________________________ Operating System and Patch Level_____________________________________________________
|
|
|
10.2 |
Default Locale (Administrator Language) Languages Language Packs |
Table F-12 summarizes the information you need for each customization. For more information, see "Items that You Must Manually Upgrade".
Table F-12 Details for Existing Customizations
| Task | Subtask | Details of Existing Customizations |
|---|---|---|
|
11 |
11.1 |
Installation directory of the Customization _____________________________________________ Operating System and Patch Level_____________________________________________________ Other Oracle Access Manager components on this computer? Yes No Identity Server WebPass Policy Manager Access Server WebGate |
|
11.2 |
Workflows ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ |
|
|
11.3 |
Access Control Lists (ACLs) ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ |
|
|
11.4 |
Custom Identity Event plug-ins:_______________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ |
|
|
11.5 |
PresentationXML customizations ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ |
|
|
11.6 |
Styles and XSL stylesheet customizations: ______________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ |
|
|
11.7 |
IdentityXML clients and applications: __________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ |
|
|
11.8 |
Portal Inserts: ______________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ |
|
|
11.9 |
Customized Authentication plug-ins: __________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ |
|
|
11.10 |
____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ Customized Authorization plug-ins: __________________________________________________ |
|
|
11.11 |
____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ Access Manager API clients: __________________________________________________________ |
Table F-13 can help you track the progress of preparing for the schema and data upgrade. The summary includes links to schema and data preparation information in Chapter 5, and to component preparation in Chapter 8.
Unless explicitly stated, all tasks must be performed for both the in-place upgrade or the zero downtime upgrade. For more information about schema and data upgrade when using the zero downtime method, see "Schema and Data Upgrades with the Zero Downtime Upgrade Method".
Table F-13 Summary for Schema and Data Preparation
| Done | Summary of Schema and Data Preparation Tasks | Details |
|---|---|---|
|
Deployment Name:_________________________________________________________________ Task owner:________________________________________________________________________ |
||
|
Developing Strategies for Upgrading in a Replicated Environment |
||
|
Configuring the Challenge/Response Phrase at the Object Class Level |
||
|
Configuring Unique Namespaces for Directory Connection Information |
||
|
Directory instances involved are described on (identify source)___________________________ ___________________________________________________________________________________ Preparing Your Directory Instances for the Schema and Data Upgrade |
||
|
Backing Up Existing Directory Instances |
||
|
In-Place Upgrade: Preparing Host Computers for Master Components |
||
|
In-Place Upgrade: Adding An Earlier Identity System to Use as a Master for the In-place Method |
||
|
Joint Identity and Access System Deployments Only After performing all Identity System schema and data preparation tasks described in this table and in Chapter 5, "Preparing for Schema and Data Upgrades", perform remaining tasks in this table. In-Place Upgrade: Adding an Earlier Access Manager to Use as a Master for the In-Place Method |
||
|
Finishing Preparation for the In-Place Schema and Data Upgrade includes topics in Chapter 8, "Preparing Components for the Upgrade" |
Table F-14 is provided to help you track the progress of upgrading the schema and data when you are using the in-place upgrade method. Identity System details are described in Chapter 6. If you have a joint Identity and Access System deployment, procedures for the Access System are described in Chapter 7.
Note:
If you are performing a zero downtime upgrade, skip this topic and instead see "Upgrading the Schema During a Zero Downtime Upgrade".Table F-14 Summary for In-Place Schema and Data Upgrade
| Done | Summary of the Schema and Data Upgrade: In-Place Upgrade Method | Details |
|---|---|---|
|
Deployment Name:_________________________________________________________________ Task owner:________________________________________________________________________ |
||
|
Prerequisites, all preparation tasks in Summary of Schema and Data Preparation Tasks |
||
|
Upgrading Identity System Schema and Data In Place |
||
|
Joint Identity and Access System Deployments Only After performing all Identity System schema and data upgrade tasks described in this table and in Chapter 6, perform remaining tasks in this table as described in Chapter 7, "Upgrading Access System Schema and Data In Place". |
Table F-15 is provided to help you track the progress of activities that you and your team perform when preparing for the component upgrade. Procedures are described in Chapter 8. Most procedures apply equally to Identity System-only deployments and to joint Identity and Access System deployments. All procedures apply equally to both the in-place upgrade method and the zero downtime upgrade method. Additional procedures are required for the zero downtime upgrade method, as described in "Summary of a Zero Downtime Upgrade Tasks".
Table F-15 Summary of Component Preparation Tasks
| Done | Summary of Component Preparation Tasks | Details |
|---|---|---|
|
Deployment Name:_________________________________________________________________ Task owner:________________________________________________________________________ |
||
|
Checking Compatibility with Previous Releases |
||
|
Copying Custom Identity Event Plug-ins |
||
|
Preparing Earlier Customizations |
||
|
Preparing the Default Logout in the Policy Manager |
||
|
Changing Read Permissions on Password Files |
||
|
Preparing Release 6.x Environments |
||
|
Preparing Multi-Language Installations |
||
|
Backing Up File System Directories, Web Server Configurations, and Registry Details |
||
|
|
||
|
Logging in with Appropriate Administrative Rights |
Table F-16 can help you track the progress of your in-place upgrades. Identity System procedures are described in Chapter 9. Access System procedures are described in Chapter 10. If you are using the zero downtime upgrade method, you can skip this topic and instead see "Summary of a Zero Downtime Upgrade Tasks".
Table F-16 Summary of In-Place Upgrade Tasks
| Done | Summary of In-Place Upgrade Tasks | Details |
|---|---|---|
|
Deployment Name:_________________________________________________________________ Task owner:________________________________________________________________________ |
||
|
Prerequisites, all tasks in Summary of Component Preparation Tasks |
||
|
Upgrading Remaining Identity Servers In Place ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ |
||
|
Upgrading Remaining WebPass Instances In Place ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ |
||
|
Validating the In-place Identity System Upgrade |
||
|
Backing Up Upgraded Identity Component Information |
||
|
Joint Identity and Access System Deployments Only Include After performing all Identity System upgrade tasks described in this table and in Chapter 9, perform remaining tasks in this table as described in Chapter 10, "Upgrading Access System Components In Place". |
||
|
Upgrading Remaining Policy Managers In Place ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ |
||
|
Upgrading Access Servers In Place ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ |
||
|
____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ |
||
|
Backing Up Upgraded Access System Component Directories |
Table F-17 can help you track the progress your zero downtime upgrade. All procedures are described in chapters located in Part VI.
Table F-17 Summary of Zero Downtime Upgrade Tasks
Table F-18 can help you track the progress your integration connector or independently installed SDK upgrades (or both). The procedures are described in Chapter 11, "Upgrading Integration Components and an Independently Installed SDK".
Note:
In an Identity System-only deployment, there will be no integration connectors to upgrade. When you have a joint Identity and Access System deployment, you must upgrade integration connectors before independently installed SDKs for the Access System.Table F-18 Summary of Integration Connector/Independently Installed SDK Upgrade Tasks
| Done | Summary of Integration Connector/Independently Installed SDK Upgrade Tasks | Details |
|---|---|---|
|
Deployment Name:_________________________________________________________________ Task owner:________________________________________________________________________ |
||
|
Prerequisites, all tasks in Summary of In-Place Upgrade Tasks |
||
|
Identity System-Only Deployments |
||
|
Upgrading Independently Installed Software Developer Kits |
||
|
Backing Up Upgraded Integration Connector or SDK Data |
||
|
Joint Identity and Access System Deployments Only |
||
|
Upgrading Third-Party Integration Connectors |
||
|
Upgrading Independently Installed Software Developer Kits |
||
|
Backing Up Upgraded Integration Connector or SDK Data |
Table F-19 can help you track the progress of customization upgrades in your environment. Specific Identity System procedures are described in Chapter 12, "Upgrading Your Identity System Customizations". Access System procedures are described in Chapter 13, "Upgrading Your Access System Customizations".
Table F-19 Summary for Customization Upgrade Tasks
| Done | Summary of Customization Upgrade Tasks | Details |
|---|---|---|
|
Deployment Name:_________________________________________________________________ Task owner:________________________________________________________________________ |
||
|
Prerequisites, all tasks in: |
||
|
Identity System-Only Deployments |
||
|
Upgrading Auditing and Access Reporting for the Identity System |
||
|
Combining Challenge and Response Attributes on a Panel |
||
|
Confirming Identity System Failover and Load Balancing |
||
|
Migrating Custom Identity Event Plug-Ins |
||
|
Ensuring Compatibility with Earlier Portal Inserts |
||
|
Incorporating Customizations from Release 6.5 and 7.x |
||
|
Incorporating Customizations from Releases Earlier than 6.5 |
||
|
Validating Identity System Customization Upgrades |
||
|
Other Customizations (see summary pages)___________________________________________ ___________________________________________________________________________________ ___________________________________________________________________________________ ___________________________________________________________________________________ |
||
|
Backing Up Upgraded Identity System Customizations |
||
|
Access System Customizations Only |
||
|
Upgrading Auditing and Reporting for the Access Server |
||
|
Confirming Access System Failover and Load Balancing |
||
|
Upgrading Forms-based Authentication |
||
|
Recompiling and Redesigning Custom Authentication and Authorization Plug-Ins |
||
|
Associating Release 6.1.1 Authorization Rules with Access Policies |
||
|
Assuring Proper Authorization Failure Re-directs After Upgrading from 6.1.1 |
||
|
Updating the ObAMMasterAuditRule_getEscapeCharacter in Custom C Code |
||
|
Validating Access System Customization Upgrades |
||
|
Other Customizations (see summary pages)_____________________________________________ ___________________________________________________________________________________ ___________________________________________________________________________________ ___________________________________________________________________________________ |
||
|
Backing Up Upgraded Access System Customizations |
Table F-20 can you track the progress your validation activities. Specific procedures are described in Chapter 14, "Validating the Entire System Upgrade". If you are using the zero downtime upgrade method, see various topics on"Summary of a Zero Downtime Upgrade Tasks" .
Table F-20 Summary for Validating All Upgrades
| Done | Summary for Validating All Upgrades | Details |
|---|---|---|
|
Deployment Name:_________________________________________________________________ Task owner:________________________________________________________________________ |
||
|
Prerequisites, all tasks in: |
||
|
Identity System-Only Deployments |
||
|
Validating the Identity System Upgrade |
||
|
Reverting Identity Server Backward Compatibility |
||
|
Joint Identity and Access System Deployments After performing all Identity System upgrade tasks described in this table, perform remaining tasks in this table to validate the upgraded Access System upgrade. |
||
|
Validating Access System Upgrades |
||
|
Deleting the Temporary Directory Server Profile |
||
|
Reverting Access Server Backward Compatibility |
