Hi All,
In this document, I will try to explain the upgrade procedure on a high level so that whenever you are doing it in the future, you can keep in mind all these steps.
These steps are given by SailPoint recommendations only.
Upgrade SailPoint IdentityIQ:
You must stop all processes and shutdown IdentityIQ before performing the upgrade. It is recommended that you schedule the upgrade for a time when the application is not being used heavily.
Note: If IQService is installed, the IQService version must match the IdentityIQ server version. If you upgrade one you must upgrade the other.
Note: It is very important that you perform the database and customization backup before performing the upgrade procedure.
The upgrade process contains the following parts:
Shutdown IdentityIQ: You must stop all running processes and shutdown IdentityIQ before running the upgrade.
Backup Your Existing Version of IdentityIQ:
It is very important that you perform the database and customization backup before performing the upgrade procedure.
Customizations that are stored in the IdentityIQ installation directory can include the .hbm.xml extended attribute configuration files in WEB-INF\classes\sailpoint\object and web-based content such as XHTML, JavaScript, and images.
Download and Expand the Installation Files:
Delete any existing IdentityIQ installation files before downloading the newest version.
Download the IdentityIQ installation files to a temporary installation directory on your application server Ex: C:\identityiq_installation
Do not add any previously-used e-fixes in this upgraded installation. E-fixes are only compatible with the patch level for which they were delivered.
Reapply Customization to the Upgraded Installation:
If you changed the default number of extended and searchable identity, account, or certification item attributes as part of your initial installation, copy your customized IdentityExtended.hbm.xml, LinkExtended.hbm.xml, and CertificationItemExtended.hbm.xml files into the new installation. Important notes about defining extended attributes in IdentityIQ can be found in IdentityExtended.hbm.xml. The notes there apply to all of the product’s extended attributes.
Upgrade the IdentityIQ Database:
Execute the database specific upgrade script named upgrade_identityiq_tables.database_type. By connecting to the database.
Upgrade the IdentityIQ Configuration:
Access the directory in which you extracted the identityiq.war file. cd identityiq_home\WEB-INF\bin
. Run the script and command, i.e. iiq upgrade
Note: This command applies changes to the configuration and managed data in the IdentityIQ database and only needs to be run one time for each installation of IdentityIQ regardless of the number of application servers that are in the installation.
Upgrade the IdentityIQ External Components:
If external components, such as the IQService and Connector Gateway,were deployed, those components should be upgraded at the same time as the IdentityIQ server. . Additionally, configuration in third party managed systems required for IdentityIQ integration should be upgraded.
• Upgrade the IQService, if it is deployed:
a. Backup your existing IQService installation.
b. Ensure that the service is stopped, either from the Services Applet or from the command line by running: IQService.exe -k
c. Uninstall IQService using command: IQService -u
d. Extract latest IQService in installation directory
e. Install IQService using command: IQService -i
f. Start the service: IQService.exe -s
Note: If you have executed the IQService Public Key Exchange Task for existing IQService, it is recommended that you follow the instructions to install and register a new IQService.
• Upgrade the Connector Gateway, if it is deployed:
a. Stop the connector gateway.
b. Save a copy of the init.xml configuration file located in the Connector Gateway installation directory
c. Remove the existing contents of the installation directory.
d. Extract the ConnectorGateway.zip file into the installation directory.
e. Move the saved init.xml configuration file into the installation directory.
f. Start the Connector Gateway service.
Access IdentityIQ:
Access IdentityIQ from your Web browser and continue working with IdentityIQ.
Post Upgrade Procedure:
- Clean up IdentityIQ Tables
Clean up the tables, columns, and indexes that are no longer used by IdentityIQ but that were required during the upgrade procedure with the post_upgrade_identityiq_tables.database_type
- Upgrade Data Export Tables
Modify the script matching the database on which your data export tables are stored. If necessary, alter the database name in the script. The scripts are named upgrade_data_export_tables.* and are stored in WEBINF/database/dataExport folder of your IdentityIQ installation directory.
Using a database client, run the modified application script to upgrade the data export DDL