see Novell official documentation.
Consult appropriate Novell Documentation and Readme files provided for the release you are using.
We put IDP and Console files in "special" locations as follows:
mkdir /root/downloads mkdir /var/opt/novell/tomcat5/webapps/nidp/downloads mkdir /var/opt/novell/tomcat5/webapps/nidp/downloads/namsp3
Need to copy the above file to each Admin Console/IDP server.
scp -pvr -P 22 /Users/jim/Downloads/software/novell/nam/AM_31_SP3_IR1_IdentityServer_Linux32.tar.gz root@su-idpappqa01:/root/downloads/AM_31_SP3_IR1_IdentityServer_Linux32.tar.gz
This needs to only be done on one Admin Console/IDP server:
scp -pvr -P 22 /Users/jim/Downloads/software/novell/nam/AM_31_SP3_IR1_AccessGatewayAppliance_Linux_SLES11.tar.gz root@su-idpappqa02:/var/opt/novell/tomcat5/webapps/nidp/downloads/namsp3/lagrpms.tar.gz
Then on the Admin Console/IDP: Change rights so the file is visible from tomcat:
chown -R novlwww:novlwww /var/opt/novell/tomcat5/webapps/nidp/downloads
tar -xzvf AM_31_SP3_IR1_IdentityServer_Linux32.tar.gz cd /root/downloads/novell-access-manager-3.1.3-273/ ./install.sh
Currently The client we were working with did not use the SSLVPN Agent.
Select "1" to do the install as the Admin COnsole and the Idnetity Server is all on the same box. The process will upgrade both.
Please select the installation you wish to perform: 1. Install Novell Access Manager Administration 2. Install Novell Identity Server 3. Install Novell SSLVPN Agent Select installation (1, 2, 3 or QUIT)[1]:
Currently The client we were working with did not use the SSLVPN Agent.
/tmp/novell_access_manager
Also verify the version in the Administration Console.
Downloading http://su-iamwpapptst01.nam.willeke.com:9080/downloads/AM3SP4/lagrpms.tar.gz failed
The file will then be available at:
http://su-idpappqa01.nam.willeke.com:8080/nidp/downloads/namsp3/lagrpms.tar.gz
We did the upgrades form the command line:
/chroot/lag/opt/novell/bin/lagupgrade.sh --url http://su-idpappqa01.nam.willeke.com:8080/nidp/downloads/namsp3/lagrpms.tar.gz
When we start the install script, we see:
The Administration server is already installed. The Identity Server is already installed. #################################################################################### ################################## W A R N I N G ################################### #################################################################################### # Before you perform this upgrade, it is VERY IMPORTANT that you make sure # you have a backup of all JSPs found at: /opt/novell/nids/lib/webapp/jsp # A backup of this directory will be created at: /root/nambkup/ # before installation starts if you select to continue. # Any changes in this directory WILL BE OVERWRITTEN if the upgrade continues. # You will be prompted to restore some of these files after the install- # for more information: http://www.novell.com/documentation/novellaccessmanager31/installation/data/bk0lvlm.html ####################################################################################The link shown provides a 404 error.
and then:
Do you want to restore custom login pages? (y/n):y #################################################################################### # # ********** ALWAYS UPGRADE THE PRIMARY ADMINISTRATION CONSOLE FIRST **************. # Please BACKUP the data and configuration in this server before running the upgrade. # The installer had detected one or more components already installed on the system. # If you proceed, ALL detected components will be upgraded at this time. # During this upgrade no new components will be installed in addition to ones present #################################################################################### => Proceed to backup configuration data (y/n)? [y]: This appears to be a secondary administration console. Please run the backup from the primary administration console. => Continue with Upgrade (y/n)? [n]:y
Warning: This installer is bundled with JDK, which has ssl renegotiation disabled by default.If you are using x509 authentication, then renegotiation has to be enabled. Would you like to enable ssl renegotiation for this server y/n? [n]:
No idea what we should do at this point.
The script output shows:
Successfully installed the following components:Novell Audit Platform Agent Novell Audit Server Novell Audit Platform Agent Novell Device Manager Novell Configuration Store Novell Identity Server Administration Plugin Novell iManager Upgrade Novell Access Manager Server Communications Novell Identity ServerWe also checked in the Admin Console for versions and it was confirmed that this is what happens.
How can one tell if the pages were modified? Many customers would not have a clue if the pages were modified as often they products were installed by consultants.
We did no restores and the pages all appear to be fine.
Upgrading LAG rpms... warning: /etc/opt/novell/tomcat5/tomcat5.conf created as /etc/opt/novell/tomcat5/tomcat5.conf.rpmnew insserv: script novell-vmc-chroot: service vmcontroller already provided! insserv: script snmpd.noe: service vcp already provided! insserv: script novell-vmc-chroot: service vmcontroller already provided! insserv: script snmpd.noe: service vcp already provided! warning: /etc/syslog-ng/syslog-ng.conf saved as /etc/syslog-ng/syslog-ng.conf.rpmsave /var/tmp/rpm-tmp.72606: line 81: [: too many arguments insserv: script novell-vmc-chroot: service vmcontroller already provided! insserv: script snmpd.noe: service vcp already provided! insserv: script novell-vmc-chroot: service vmcontroller already provided! insserv: script snmpd.noe: service vcp already provided!
The warnings and obvious script error are not very comforting.
We also had one LAG (of six) where the vmc service did not start and we were shown an error. All the LAGs were upgraded successfully and even the one where the script said VMC service did not start was running when we checked.
NOTE: For geeks that want to know. The file is downloaded via curl) to: /opt/novell/devman/jcc/lagrpms.tar.gz Once it is downloaded, and installed, it is removed.
Checked log: Successfully upgraded the system with Linux Access Gateway rpms All green in Device Manager
Also verify the version in the Administration Console.