9.4 Upgrading the Administration Console

9.4.1 Upgrading the Linux Administration Console

Upgrade running time: about three minutes.

If the Identity Server is installed on the same machine as the Administration Console, the Identity Server is automatically upgraded with the Administration Console. If you are upgrading this configuration and you have custom JSP pages, you can either create your own backup of these files or allow the upgrade program to back them up for you.

If you have installed SSL VPN along with the Administration Console, the SSL VPN server must be upgraded along with the Administration Console.

If you select not to upgrade the SSL VPN server with the Administration Console, the upgrade stops.

To upgrade:

  1. (Conditional) If the Identity Server is installed on the same machine, back up any customized JSP pages and related files.

    Although the upgrade program backs up the JSP directory and its related files, it is a good practice to back up these files.

  2. Back up any customized Tomcat files.

    If you have customized the tomcat5.conf file or the server.xml file, back up these files before upgrading. These files are overwritten during the upgrade process.

  3. If you have Red Carpet or auto update running, stop these programs before you upgrade the Access Manager Administration Console.

  4. Open a terminal window.

  5. Log in as the root user.

  6. (Conditional) If you have installed the SSL VPN server with the Administration Console and you have customized the SSL VPN user interface, back up the customized sslvpnclient.jsp file, then save it as /var/opt/novell/tomcat5/webapps/sslvpnsslvpnclient.jsp.rpmsave file.

    If a file with that name already exists, then either delete the existing file or move it to another location before saving the current .jsp file. See Customizing the SSL VPN User Interface in the Novell Access Manager 3.1 SP3 SSL VPN Server Guide.

  7. Download the upgrade file from Novell and extract the file.

    One of the extracted files contains the Administration Console, the Identity Server, and SSL VPN. For the actual filename, see the Readme.

  8. After downloading the upgrade, unpack the tar.gz file by using the following command:

    tar -xzvf <filename>

    For this installation, you need to unpack the Identity Server .tar.gz file.

  9. Change to the directory where you unpacked the file, then enter the following command in a terminal window:

    ./install.sh

  10. When you are prompted to install a product, type 1 for Install Novell Access Manager Administration, then press Enter.

    The system detects whether the Administration Console is installed, and prompts you whether to upgrade.

  11. (Conditional) If you have installed the Identity Server with the Administration Console, you are asked whether you have backed up your custom login pages:

    • If you have a backup of the files, answer Y to the prompt.

    • If you do not have a backup of the files, answer N to the prompt, which cancels the upgrade. Although the upgrade script automatically backs up the JSP directory, it is a good practice to backup your customized files.

  12. (Conditional) If you have installed the Identity Server with the Administration Console and you have customized login pages, decide whether you want your customized pages restored automatically. Be aware of the following problems with the automatic restore:

    • Your customized files might not compile without modifications. For example, customized 3.0 login pages cannot compile and run on SP3 without some major modifications.

    • Any new features introduced in JSP files that have the same name as your files are lost when your file overwrites the installed file.

    You might want to wait until after the upgrade, then compare your customized file with the newly installed file. You can then decide whether you need to modify your file before restoring it.

  13. Decide whether you want the upgrade program to create a backup of your current configuration:

    • If you have a recent backup, type N, then press Enter.

      If you select not to create a backup when you do not have a recent backup and you then encounter a problem during the upgrade, you might be forced to re-create your configuration.

    • If you do not have a recent backup, type Y, press Enter, then complete the following:

    1. Specify the administration password, then press Enter.

    2. Confirm the password.

    3. Specify a location for the backup files, then press Enter.

    4. Specify a password for the encryption key.

      When you use the backup files to restore this configuration, you must specify this password.

    5. Confirm the password.

  14. When you are prompted to upgrade, type Y, then press Enter.

  15. Review and accept the License Agreement.

  16. Specify the administration username.

  17. Specify the administration password.

  18. Confirm the password.

  19. If you have a mutual SSL or X509 certificate authentication configured, type Y, then press Enter to enable the SSL renegotiation for this server.

  20. Wait while the upgrade completes. To verify that the console is running, log in to the console from a workstation (a machine other than the one with the Administration Console).

  21. (Optional) To view the upgrade files:

    • To view the upgrade log files, see the files in the /tmp/novell_access_manager directory.

    • If you selected to back up your configuration and used the default directory, see the zip file in the /root/nambkup directory. The log file for this backup is located in the /var/log directory.

    • If the Identity Server is installed on the same machine, the JSP directory was backed up to the /root/nambkup directory. The file is prefixed with nidp_jps and contains the date and time of the backup.

If you encounter an error, see Section A.9, Troubleshooting a Linux Administration Console Upgrade.

9.4.2 Upgrading the Windows Administration Console

If you have installed the Identity Server and the Administration Console on the same machine, you must upgrade both of them at the same time.

  1. Make a backup of your current Access Manager configuration. For instructions, see Backing Up the Access Manager Configuration in the Novell Access Manager 3.1 SP3 Administration Console Guide.

  2. (Conditional) If the Identity Server is installed on the same machine, back up any customized JSP pages and related files.

    Although the upgrade program backs up the JSP directory and its related files, it is a good practice that you backup these files.

  3. Back up any customized Tomcat files.

    If you have customized the tomcat5.conf file or the server.xml file, back up these files before upgrading. These files are overwritten during the upgrade process.

  4. Download the upgrade file from Novell.

    For the filename, see the Readme.

  5. Run the executable.

    This is the installation program. When it detects an installed version of the Administration Console, it automatically prompts you to upgrade.

  6. Read the Introduction, then click Next.

  7. Accept the License Agreement, then click Next.

  8. Select to install the components that are currently installed, then click Next.

  9. At the upgrade prompt, click Continue.

  10. Specify the following information for the administrator account on the Administration Console:

    Administration user ID: Specify the name of the administration user for the Administration Console.

    Password and Re-enter Password: Specify the password and re-enter the password for the administration user account.

  11. (Conditional) If you have installed the Identity Server with the Administration Console and you have customized login pages, decide whether you want your customized pages restored automatically. Be aware of the following problems with the automatic restore:

    • Your customized files might not compile without modifications. For example, customized 3.0 login pages cannot compile and run on SP3 without some major modifications.

    • Any new features introduced in JSP files that have the same name as your files are lost when your file overwrites the installed file.

    You might want to wait until after the upgrade, then compare your customized file with the newly installed file. You can then decide whether you need to modify your file before restoring it.

  12. Decide whether you want the upgrade program to create a backup of your current configuration:

    • If you have a recent backup, click Continue.

      If you select to not create a backup when you do not have a recent backup and you then encounter a problem during the upgrade, you might be forced to re-create your configuration.

    • If you do not have a recent backup, click Run Config Backup.

      The program creates a backup and stores it in the root of the operating system drive in the nambkup directory.

  13. Select the Enable SSL Renegotiation check box if you have a mutual SSL or X509 certificate authentication configured for this server, then click Next.

  14. Review the summary, then click Install.

  15. (Conditional) If the upgrade seems to hang and you have been performing other tasks on the desktop, click the install screen and check behind it for a warning message.

    Some of the subcomponents of Access Manager do not send warning messages to the front when the focus of the mouse is not on the installation window.

  16. When you are prompted, reboot the machine.

  17. (Optional) View the upgrade log file found in the following location: 

    C:\Program Files\Novell\log\AccessManagerServer_InstallLog.log