Hi All,
I would like to give some information about how to do patching and efix for IIQ.
IdentityIQ Patching:
Patch: A patch is a set of changes to a computer program or software, or its supporting data designed to update, fix, or remove it. Patches are usually called bugfixes and improve the usability or performance.
Steps:
My current version is 8.3:
- First, we have to get the patch file from the SailPoint compass (https://community.sailpoint.com/t5/IdentityIQ-Server-Software/ct-p/IdentityIQ). Suppose I am doing a patch for 8.3, i.e., 8.3p4.
-
Make a folder on your computer drive, anywhere (/Users/bkuruva/Desktop/Ptaching). And copy the software that you downloaded called identityiq-8.3p4.jar and our identityiq.war (which is present in our web application: /Users/bkuruva/Desktop/tomcat/apache-tomcat-9.0.78/webapps/identityiq/identityiq.war).
-
Stop the services
-
Here, we have to execute two commands, as follows:
a. jar xf identityiq-8.3p4.jar
Then you will get the identityiq-8.3p4.jar file and some other related files from the patch.
b. jar uf identityiq.war *
Now, the file (identityiq.war) has been updated with whatever new features or bugs are resolved in the patch.
-
Take (copy) the identityiq.war file and put it in the web apps (the previous one should be deleted; make sure to back up the folder/database before. deleting it).
-
- Now, extract or unjar the IdentityIQ patch in the IdentityIQ installation directory by using the following command:
a. jar -xvf identityiq.war
- Now, extract or unjar the IdentityIQ patch in the IdentityIQ installation directory by using the following command:
Then, you will get all the web application folders.
Now, update the database for the IIQ using the Database client. Update the database tables or schema using the script as follows: Using a database client, execute the upgrade_identityiq_tables-8.3p4 DDL script in WEB-INF/database that is appropriate for your database type.
You will get upgrade_identityiq_tables-8.3p4 DDL script from database folder of IIQ as below.
-
Run database scripts. To do this, first connect to database client.
a. source upgrade_identityiq_tables-8.3p4.mysql
Here, I have used the MySQL workbench application to execute the scripts. You can directly execute the source command prompt.
Now, the database tables are updated. -
Apply the patch by using a command-line interface to execute the command (execute command from bin folder).
a. iiq patch 8.3p4 (for mac OS: sh iiq patch 8.3p4)
Now, output will come like this below.
-
Now, start the services and check it.
Login to SailPoint.
For more information: https://community.sailpoint.com/t5/IdentityIQ-Server-Software/IdentityIQ-8-3p4/ta-p/254414#:~:text=Documentation-,identityiq-8.3p4-README.txt,-8.3p4%20Connector%20and
https://community.sailpoint.com/t5/IdentityIQ-Server-Software/IdentityIQ-8-3p4/ta-p/254414
IdentityIQ eFixes:
eFix: If we face any critical vulnerabilities in the current releases of IdentityIQ, SailPoint will release a security fix to address them.
Steps:
My current version is 8.3p4:
-
Download the e-fix file for the version of IdentityIQ you use. You can find them here: https://community.sailpoint.com/t5/IdentityIQ-Articles/IdentityIQ-Security-Vulnerabilities/ta-p/74058
I am applying IIQSR-867. -
After you download, you just extract the folder, and then you will see the WEB-INF folder. Under that, you will find one efixes folder. Just copy the folder and put it in our IIQ WEB-INF folder.
Copy the above efixes folder to our SailPoint IIQ WEB-INF.
-
Restart server instance and check the eFix from about page.
For more information: https://community.sailpoint.com/t5/IdentityIQ-Blog/IdentityIQ-Authorization-of-QuickLink-Target-Identities/ba-p/249824#:~:text=identityiq-8.4-IIQSR-867-CHECKSUM.txt