4.2 Upgrading from the Fan-Out Driver

The Identity Manager Fan-Out driver provides one-way synchronization to a heterogeneous mix of systems including Linux and UNIX systems, and IBM* i5/OS* and z/OS* systems. The Fan-Out driver also provides authentication redirection from those systems.

Moving to the Linux and UNIX driver provides two main advantages.

Consider the following before migrating from the Fan-Out driver to the Linux and UNIX driver.

4.2.1 Preparing for Migration

If necessary, migrate the UID and GID numbers from the appropriate Fan-Out driver Platform Set. You can assign RFC 2307 attributes, such as homeDirectory and loginShell, to objects in the Identity Vault.

To use the Linux and UNIX Settings driver to accomplish this:

  1. Install the Linux and UNIX Settings driver on each connected Linux or UNIX system.

  2. Set the properties of the Linux and UNIX Settings driver to correspond to the UID/GID ranges that were specified in the Fan-Out driver.

  3. Configure the Linux and UNIX Settings driver to populate the desired RFC 2307 attributes.

For details about installing and configuring the Linux and UNIX Settings driver, see the Linux and UNIX Settings Driver Implementation Guide on the Identity Manager 3.6.1 Drivers Documentation Web site.

4.2.2 Migrating Fan-Out Driver Platform Services to the Linux and UNIX Driver

Perform the following steps on your target platform system:

  1. Stop the following processes:

    • asamrcvr

    • asampsp

  2. Remove the Platform Services startup scripts from /etc/init.d.

  3. Install the driver shim on the connected system.

    For details, see Section 3.7, Installing the Driver Shim on the Connected System.

  4. Install the Linux and UNIX driver PAM or LAM module.

    For details, see Section 3.8, Installing the PAM or LAM Module.

4.2.3 Configuring the Driver

  1. Install and set up the Linux and UNIX driver on the Metadirectory server.

    For details, see Section 3.6, Setting Up the Driver on the Metadirectory Server.

  2. Make any required policy modifications.

    Create or modify an appropriate policy to use the alternative naming attribute if one was used by the Fan-Out driver. For more information about policy customization, see the Policy Builder and Driver Customization Guide on the Identity Manager 3.6.1 Documentation Web site.

  3. Start the Linux and UNIX driver.

    Click the upper right corner of the driver icon, then click Start driver.

  4. Migrate the users to make new associations. For details, see Section 5.3.1, Migrating Identities from the Identity Vault to the Connected System and Section 5.3.2, Migrating Identities from the Connected System to the Identity Vault.

4.2.4 Post-Migration Tasks

Perform the steps listed in Section 3.9, Post-Installation Tasks.

After the new driver is operating properly, you can remove the Fan-Out driver components.

  1. Delete the Platform object from the Fan-Out driver configuration.

  2. On the connected system, uninstall Platform Services by removing all startup scripts and deleting the /usr/local/ASAM directory.

  3. If this is the last platform being served by the Fan-Out driver, you can uninstall the Fan-Out core driver:

    1. Remove the ASAM directory from the file system.

    2. Remove the ASAM System container object and all of its subordinates from the tree.

    3. Uninstall the Fan-Out driver plug-ins.