Chat now with support
Chat with Support

Safeguard Authentication Services 4.2.3 - Upgrade Guide

Privileged Access Suite for Unix Introducing One Identity Authentication Services Upgrade the web console Upgrade Authentication Services Windows components Configure Active Directory for Authentication Services Configure Unix agent components Upgrade Authentication Services client components manually Getting started with Authentication Services Troubleshooting

Upgrading Management Console for Unix

The process for upgrading Management Console for Unix from an older version is similar to installing it for the first time. The installer detects an older version of the console and automatically upgrades the components.

Note: The procedures in this topic assume you have Management Console for Unix 2.0.x (or later) installed.

Before you begin the upgrade procedure, close the console and make a backup of your database, as explained in step 1.

To upgrade Management Console for Unix

  1. Backup the database files:
    1. Shutdown the service. See Start/Stop/Restart Management Console for Unix Service in the console online help for details.

      Management Console for Unix uses a HSQLDB (Hyper Structured Query Language Database) to store its data such as information about the hosts, settings, users, groups, and so forth.

    2. Copy the /var/opt/quest/mcu data directory to a backup location.

      Refer to Database Maintenance in the online help for more information about the database locations and filenames.

    3. After backup is complete restart the service. See Start/Stop/Restart Management Console for Unix Service in the console online help for details.

      Once you backup the database files, you are ready to start the upgrade.

  2. To start the upgrade, follow the instructions for a first-time installation. See Installing the Management Console in the console online help for details.

    When the installer detects a previous version of the mangement console is already installed, it asks if you want to continue.

  3. Click Yes in the Install Management Console for Unix dialog.
  4. Accept the terms of the license agreement and click Next.
  5. Modify the default SSL (https) and Non-SSL (http) port numbers, if necessary, and click Install.

    The installation wizard uninstalls the old version and configures the server database and service.

  6. In the Complete dialog, select the Launch the Management Console option and click Finish.

Note: After an upgrade from any version of Management Console for Unix, it is important to re-profile all managed hosts.

Upgrade Authentication Services Windows components

One Identity recommends that you upgrade your Windows components before you upgrade the Unix components.

The process for upgrading the Authentication Services Windows components from older versions is similar to the initial installation process. The Authentication Services Windows installer detects older versions and automatically upgrades them. The next time you launch Active Directory Users and Computers, you will see the updated Authentication Services property tabs.

Note: Have your license available for the Setup wizard.

Upgrading Authentication Services Windows components

If you had a previous version of the One Identity Identity Manager for Unix web console, upgrade to the Management Console for Unix mangement console to take advantage of the new features.

To upgrade the Authentication Services Windows components

  1. From the Authentication Services Autorun Setup tab, click Authentication Services to launch the Setup wizard.

    The InstallShield Wizard Welcome dialog indicates that a previous installation was found.

  2. Click Next in the Welcome dialog and follow the wizard prompts.

    The Setup Status dialog shows the progress of the upgrade:

    • Removing component registrations
    • Installing
    • Updating shortcuts
    • Registering components
  3. In the Update Complete dialog, indicate whether you want to restart your computer now or later.

If you choose No, I will restart my computer later, the old version of the Control Center opens; you must restart your computer to complete the upgrade process.

Configure Active Directory for Authentication Services

To utilize full Active Directory functionality, when you install Authentication Services in your environment, One Identity recommends that you prepare Active Directory to store the configuration settings that it uses. Authentication Services adds the Unix properties of Active Directory users and groups to Active Directory and allows you to map a Unix user to an Active Directory user. This is a one-time process that creates the Authentication Services application configuration in your forest.

Note: To use the Authentication Services Active Directory Configuration Wizard, you must have rights to create and delete all child objects in the Active Directory container.

If you do not configure Active Directory for Authentication Services, you can run your Authentication Services client agent in Version 3 Compatibility Mode, which allows you to join a host to an Active Directory domain.

For more information, see Version 3 Compatibility Mode.

When running Authentication Services client agent in Version 3 Compatibility Mode, you have the option in One Identity Management Console for Unix to set the schema configuration to use Windows 2003 R2. See Configure Windows 2003 R2 Schema in the mangement console online help for details. The Windows 2003 R2 schema option extends the schema to support the direct look up of Unix identities in Active Directory domain servers.

You can also create the Authentication Services application configuration from the Unix command line, if you prefer. For more information, see Creating the Application Configuration from the Unix Command Line in the Authentication Services Installation Guide.

Related Documents