Scribd
Upload
8 views

Migration steps

The document outlines the process for removing a failed secondary server from the replica ring, installing a new secondary server with the same IP and hostname, and performing migration steps to ensure proper configuration. It includes detailed instructions for managing server objects, configuring the Access Manager Appliance, and migrating data while ensuring all necessary backups and administrative actions are taken. Additionally, it provides post-migration activities and guidelines for migrating other nodes in the system.

Uploaded by

Raj Khanna
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
8 views

Migration steps

The document outlines the process for removing a failed secondary server from the replica ring, installing a new secondary server with the same IP and hostname, and performing migration steps to ensure proper configuration. It includes detailed instructions for managing server objects, configuring the Access Manager Appliance, and migrating data while ensuring all necessary backups and administrative actions are taken. Additionally, it provides post-migration activities and guidelines for migrating other nodes in the system.

Uploaded by

Raj Khanna
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 6

1. Removing the secondary server from the replica ring.

On the primary console, click Troubleshooting.

In Other Known Device Manager Servers, click Remove next to the failed secondary console.

Remove traces of the secondary console from the configuration datastore:

In the Access Manager menu bar, select View Objects.

In the Tree view, select novell.

Delete all objects that reference the failed secondary console.

You should find the following types of objects:

SAS Service object with the hostname of the secondary console

An object that starts with the last octet of the IP address of the secondary console

DNS AG object with the hostname of the secondary console

DNS IP object with the hostname of the secondary console

SSL CertificateDNS with the hostname of the secondary console

SSL CertificateIP with the hostname of the secondary console

Remove any traces of Secondary Access Manager Appliance replicas from the replica ring if you are
migrating a primary appliance if you already have three nodes or more and had to remove one of
the
secondary nodes and before migrating secondary nodes that hold an eDirectory replica which has an
Administration Console:
1 Log in to Administration Console as a root user.
2 Run the /opt/novell/eDirectory/bin/ndsrepair -P -Ad -a command. This step
might take about 5-7 minutes.
3 Select the replica and click View replica ring.
Select the name of the secondary server and click Remove this server from replica ring.
4 Specify the DN of the admin user in leading dot notation. For example, .admin.novell.
5 Specify the password and select I Agree.

2. Installing the new secondary server with same IP and


hostname

Installation Using the Access Manager Appliance ISO


NOTE: Access Manager Appliance does not support special characters in the Username and
Password fields.
1 Insert the Access Manager Appliance CD into the CD drive.
2 Select install_NAM-SingleBox-appliance.

By default, the Boot From Hard Disk option is selected in the boot screen.

3 Press Enter.

4 Cick Yes to the Destroying ALL data on sda, continue? prompt.

This loads the NAM-SingleBox-appliace.x86_64-5.0.2.raw file. After verifying the sda,


the Initializing Appliance Configuration screen appears.

5 After checking the Appliance dependencies, the License page appears. Review the license
agreement after selecting the language preference and then click Accept.

6 In the Access Manager Appliance Passwords and Time Zone screen, enter the
root
password and confirm the same.

In the Root Password section, specify password for the root user and name of the NTP server.

7 Select the region and time zone on the Clock and Time Zone page.

8 Review the Access Manager Appliance Network Settings and enter the Hostname. Example:
namapp.novell.com.

9 Click Next.

10 Specify the following details:

11 Wait for the configuration to complete and click Next. In the Configuring password, time and
network settings screen, the Finalizing configuration progress bar is displayed. After the
configuration is complete, The Access Manager appliance is ready for
configuration message appears.

Follow the instructions displayed.


To configure the appliance:
1. At your management workstation, open a browser and enter one of the
following URLs"
https://namapp.novell.com:9443
https://10.10.0.11:9443
2. Log in as root with the password that you set during appliance first
boot.
To change the IP address of the appliance:
1. At the command line, run the following as root:
yast novell-vainit
2. After making the desired changes, reboot the appliance.
IMPORTANT: Do not use the terminal prompt before consulting the
documentation. Appliance administration requires appliance-specific
tool.
Using standard tools can result in service disruption or failure.

Configure Access Manager Appliance Using Common Appliance Framework User Interface
When you log in to the Common Appliance Framework using the URL https:/<IP>/:9443 (CAF), you
can view the notifications and upgrade the operating system by clicking Online Update.
1 Access Manager appliance is ready for configuration. You can now log in as root user into the
Common Appliance Framework user interface using https://<IP>:9443 URL.
2 After successful login, the Micro Focus Access Manager Appliance Administration user interface
is displayed.
3 Click Access Manager Configuration under Access Manager Tools, and specify the following
fields:

4 Click Save.
The install process begins and it takes around 20 minutes for the install process to complete.
After successful installation, refresh the Administration Console health status, wait for the same
to turn green, and then log into the Administration Console using the https://<ip>:9443
URL. Access Gateway and Identity Server are configured and available for use.

3. Performing migration:

MIGRATION STEPS:
Copy the backup file into /root/backup/ in the new server.

1 Switch off the primary VM which is on 4.5.x.

2 Log in as root at the secondary Access Manager Appliance and run the /tmp/NAM5.0.1/
sb_migrate.sh script. Enter Y when prompted to confirm.

3 Enter 1 when prompted to select the replica number.


Select a replica to display an options menu. Enter a replica number(1-
1)?
Total number of replicas = 1
PARTITION NAME REPLICA TYPE REPLICA STATE
(1).[Root]. Read/Write On
Enter 'q' to escape the operation.

4 Specify the replica option 5 from the list of 15 options and select I Agree when prompted. This
option designates the selected server as the new master replica.
5 Specify the DN of the admin user in the leading dot notation. For example, .admin.novell.
Specify the password.

6 Specify 1 to specify Root to the prompt.


This list shows information for each replica stored on this server.
Select a replica to display an options menu.
PARTITION NAME REPLICA TYPE REPLICA STATE
(1).[Root]. Master On

7 Specify 10 from the 0-15 replica options to view the Replica Ring.

8 Select the relevant server number. In the following example, (1) is applicable.
Finding all servers with replicas
Please Wait...
Replicas Of Partition: .[Root].
Total number of servers in the replica ring = 2
SERVER NAME REPLICA TYPE REPLICA STATE
(1).lakhil_sb.novell Read/Write On
(2).ntsdemo.novell Master On
(3)Return to Replica Options
Enter 'q' to escape the operation.

9 Specify 6 to remove the primary server from the following Server Options:

SERVER OPTIONS
1. Report synchronization status on the selected server
2. Synchronize the replica on the selected server
3. Send all objects to every replica in the ring
4. Receive all objects from the master to this replica
5. View entire servers name
6. Remove this server from replica ring
7. Return to Server List
Enter 'q' to escape the operation

10 Specify the DN of the admin user in the leading dot notation. For example, .admin.novell.
Specify the password.
You can see the message: The server has been removed from the ring.

11 Specify the location of the backup file with absolute path. For example, /root/nambkup/
sb452_20230316_1532.zip

12 (Conditional) Specify the password for decrypting the backup data. Re-enter the password for
verification.

After verifying the encrypted password and restoring the certificates, the Access Manager
Configuration Backup Utility terminal is displayed.

13 Specify the Access Manager Administration password. Re-enter the password for verification.

14 After the certificates are restored, enter the Access Manager Administration Console user ID.

15 Specify the Access Manager Administration Console password. Re-enter the password for
verification.

NOTE: The administrator must wait for the completion of the migration script. The completion
status is displayed on the terminal.

Following are steps required to be performed on the 5.0.1 Administration Console:

1 Log in to the new Administration Console in a web browser and click Access Gateways.

2 If the old primary Appliance's Access Gateway is the primary server (shows the red icon next to
it), then change the primary Access Gateway server.

2a Click [Access Gateway cluster name] > Edit.

2b Select a different primary Access Gateway > click OK > Close.


Ignore any trust store related warnings.

2c Click Update All.

Wait until the status becomes current for all except the old primary Appliance.

3 Click Troubleshooting.

4 In Other Known Device Manager Servers, select the old primary Access Manager Appliance and
click Remove.

5 Remove traces of the old primary Access Manager Appliance from the configuration datastore:

5a In the Access Manager menu bar, select View Objects.

5b In the Tree view, select novell.

5c Delete all objects that reference the old primary Access Manager Appliance.

You should find the following types of objects:


SAS Service object with the hostname of the old primary console
Any object that starts with the last octet of the IP address of the old primary console
LDAP server object with the hostname of the old primary console
LDAP group object with the hostname of the old primary console
SNMP Group object with the hostname of the old primary console
HTTP Server object with the hostname of the old primary console
DNS AG object with the hostname of the old primary console
DNS EC AG object with the hostname of the old primary console
DNS IP object with the hostname of the old primary console
SSL CertificateDNS with the hostname of the old primary console
SSL EC CertificateDNS with the hostname of the old primary console
SSL CertificateIP with the hostname of the old primary console
IP AG object with the hostname of the old primary console
IP EC AG object with the hostname of the old primary console
NCP server object with the hostname of the old primary console
PS object with the hostname of the old primary console

Post Migration Activities:


1. Edit the /etc/hosts files add an entry to resolve its hostname to its private IP address.
2. Jsp files: (optional)
Create an empty folder legacy.
a. Add the legacy folder to Identity Server in
the/opt/novell/nids/lib/webapp/WEBINF/
directory using Advanced File Configurator.

b. Add all backed up JSP files into the /opt/novell/nids/lib/webapp/jsp directory


using
c. Refresh the browser to see the changes.
3. Edit all conf files (if they are customized) (optional)

4. Migrating other Nodes


1. Switch off the other nodes one after the one after deleting from the cluster.

2. Perform a fresh install and add it to the existing cluster.

3. All the devices will now be on the Access Manager 5.0 Service Pack 1 version.

(Perform the migration on only the first node of Access Manager 5.0 Service Pack 1 node and the
remaining nodes must be freshly installed)

You might also like