Identity Manager - Post Upgrade Designer Steps

  • 7024865
  • 14-Oct-2020
  • 15-Oct-2020

Environment

Identity Manager Engine, Designer and RBPM 4.7
Identity Manager Engine, Designer and RBPM 4.8

Situation

Many IDM upgrade issues stem from steps being missed entirely or done in the wrong order. This often results in Designer having incorrect version information stored in the project while attempted updates are being pushed to the IDM Engine. The UserApp and Role and Resource Service Driver updates are documented here. The Designer package upgrade steps are outlined in section 6.2.3 of this document. A full Live -> Deploy is required after the IDM Engine(s) is upgraded, in order for the new driver packages and eDirectory schema to be loaded in the Identity Vault. Do not perform a Compare -> Reconcile when upgrading. The custom attributes and schema mentioned here will not be installed properly.

When upgrading the Identity Vault and Engine, and then importing a new project to Designer is not an option, it is very important to perform the following steps to have the version information of the project updated. This has to happen in a particular order before deploying the updated project back into the Identity Vault. With the following sections updated to the correct eDirectory, IDM and driver versions, the latest packages will be made available for each driver in the project and the new schema for User Application (including UAD) will be installed.

Resolution

This document can help correct failed upgrades or be used to ensure the required Designer updates are not missed in the first place. The Identity Applications upgrade scripts (from 4.7 on) now allow you to point the configuration to the existing drivers for Identity Applications, but you first need the upgraded IDM Engine (best practice is to upgrade and then patch eDirectory and IDM Engine to latest available SP for major release) and following Designer updates pushed out.

Often times, the missed or out of order Designer steps are caused by using existing projects that do not get updated in the following sections. When using existing projects, MANUALLY confirm the Identity Vault Properties -> Server List -> Edit

Vault Properties:

Server List:

Vault Versions:

User Application Driver - Version Info:

User Application Driver Packages tab: