|Applies To||Access Manager 6.0.4|
Windows 2003 Server
|Issue||AxM - Need ClearTrust 5.5.3 to Access Manager 6.0.4 upgrade information and files for Windows|
ClearTrust End Of Life is December of 2009 and customers require some tips on the upgrade process and the materials required. As with any installation and upgrade, the Installation and Configuration guides , readmes and release notes should be referenced as well. Customers upgrading from 5.5.x to 6.0.4 on the windows platform.
Instructions to upgrade from ClearTrust 5.5.x to Access Manager 6.0.4 for Windows
One of the most important issues when upgrading from 5.5.3 to 6.0.4 is the backend Schema changes. With LDAP datastores, the original release of Access Manager 6.0 introduced an issue with the LDAP schema upgrade. The Access Manager 6.0.4 patch kit and a corrected ldap_55_to_60.bat file are required to upgrade the LDAP schema. Backup your datastore before performing any upgrades.
This is the link to the full installation of Access Manager 6.0 for all platforms:
Optional components which are provided with Access Manager 6.0 are available at these links. They are not required for Access Manager operation:
When running the Access Manager 6.0 server installation, the automated upgrades scripts will try and migrate the 5.5.3 settings to the new configuration, but may not be able to accommodate configuration files that have been heavily modified. A more successful result may be obtained by using the 6.0 configuration files and migrating the 5.5.3 settings over manually. There are additional settings in the 6.0 files that were introduced as hot fixes and new features.
Manually copy over the keyserver.sec and keyclient.sec files from the %CT_HOME%\var directory as well as the license.xml and Java JKS/p12 keystores (optional) that are in the %CT_HOME%\conf directory.
6.0.4 patch kit with 64 bit JRE
A new feature of Access Manager 6.0.4 provides support for RSA Adaptive Auth Server products. The 6.04 pack provides additional jars which are specific to Adaptive Auth. Copy all the jars in the \lib directory as instructed in the readme.txt and release notes that come with the 6.0.4 patch.
Re-deploy the latest Access Manager 6.0.4 admingui.war file. It is located in the \webapps directory of the 6.0.4 patch kit.
The latest jservice.exe is provided, as well as updated jars supporting Access Manager SDK and webservices. If running Access Manager as windows services, using the updated jservice.exe results in lower memory consumption.
Replace the java JRE located in %CT_HOME%\jre directory installed by 6.0 with that provided with the 6.0.4 patch (32 or 64 bit ). It is located in the \dst directory of the 6.0.4 patch kit. The new jre provides support for all current DST requirements.
Obtain the corrected ldap_55_to_60.bat file to upgrade the LDAP schema. Follow the schema update instructions in the Access Manager 6.0 upgrade.pdf file using this replacement ldap_55_to_60.bat file.
Access Manager 6.0.4 is a cumulative patch but missed one component, the latest JCIFS.jar for NT Auth. It is available here:
Obtain the latest 6.0.4 hot fix of the components. Currently only the cleartrust.jar has been updated. The latest Cleartrust.jar is available here:
Compare the bat files in the %CT_HOME%\bin directory and the windows services in regedit used in both installs 5.5.3 and 6.0, especially the aserver.bat and service. Check the java heap setting ?Xmx, 128m is too low, 256 is the minimum. Use a higher value if found in the 5.5.3 settings. Do not carry over any additional custom java directives for garbage collectors. The 1.5 JRE used by Access Manager 6.0.4 has improved garbage collection facilities.
|Legacy Article ID||a44406|