RSA Authentication Manager 8.2 introduces support for VMware ESXi 6.0.  Refer to page 5 of the RSA Authentication Manager 8.2 Release Notes for more information.

This article provides an overview of steps taken by an administrator to move Authentication Manager 8.1 production data into an Authentication Manager 8.2 deployment running in a VMware environment utilizing ESXi 6.0 hosts.

Always apply a software update to the primary instance and then to any replica instances in the deployment, making sure to complete one at a time (should there be more than one replica in the Authentication Manager deployment).

1. Download the following from RSA Download Central.  Refer to 000034558 - How to download RSA Authentication Manager 8.x full kits from RSA Link for more information.

• RSA Authentication Manager 8.2 – Update (rsa-am-update-8.2.0.0.0.zip) and the
• RSA Authentication Manager 8.2 – VMware Virtual Appliance (rsa-am-vmware-virtual-appliance-8.2.0.0.0.ova).  

2. Use the Operations Console of the Authentication Manager 8.1 primary instance on the ESX 5.x host to perform a backup.
   1. Login to the Operations Console. 
   2. Select Maintenance > Backup and Restore > Back Up Now.
   3. Name the backup or use the default naming convention of yyymmddhhmm.RSAbackup (e. g., 201701022100.RSAbackup).  
   4. Create a backup password and store this password in a secure location.  It will be needed if this backup needs to be restored to the server.  There is no recovery if this password is lost.
   5. Select the backup location.  Backups created on the Authentication Manager local hard drive are stored in /opt/rsa/am/backup.
   6. Click Backup.
   7. Click Done when complete.
3. Within a change control window and ensuring the Authentication Manager primary instance is at least at 8.1 Service Pack 1 (residing on the ESXi 5.x host), apply the Authentication Manager 8.2 software update (rsa-am-update-8.2.0.0.0.zip).
4. Use the Operations Console of the production Authentication Manager 8.2 primary instance on the ESXi 5.x host to perform a backup.  NOTE: This is the backup we are going to restore into the new Authentication Manager 8.2 primary instance on the ESXi 6.0 host:
   1. Login to the Operations Console. 
   2. Select Maintenance > Backup and Restore > Back Up Now.
   3. Name the backup or use the default naming convention of yyymmddhhmm.RSAbackup (e. g., 201701022100.RSAbackup).  
   4. Create a backup password and store this password in a secure location.  It will be needed if this backup needs to be restored to the server.  There is no recovery if this password is lost.
   5. Select the backup location.  Backups created on the Authentication Manager local hard drive are stored in /opt/rsa/am/backup.
   6. Click Backup.
   7. Click Done when complete 
5. Restore the backup to the new Authentication Manager 8.2 primary instance on the ESXi 6.0 host:
   1. Login to the Operations Console. ​​
   2. Select Maintenance > Backup and Restore > Restore from Backup.
   3. Select the backup location.
   4. For restore options, choose All Data.
   5. Click Next.
   6. From the list, select the correct backup and click Next.
   7. Enter the password created in step 4d above and click Restore.

6. SSH or connect directly to the production Authentication Manager 8.2 primary instance on the ESXi 5.x host.
7. Run the following command to shutdown the server:

login as: rsaadmin
Using keyboard-interactive authentication.
Password: <enter operating system password>
Last login: Tue Feb  7 16:19:24 2017 from jumphost.vcloud.local
RSA Authentication Manager Installation Directory: /opt/rsa/am
rsaadmin@am82p:~> sudo shutdown now
rsaadmin's password: <enter operating system password>
Broadcast message from root (pts/0) (Thu Feb 23 16:28:07 2017):
The system is going down to maintenance mode NOW!

8. Change the hostname and IP address of the new Authentication Manager 8.2 primary instance on the ESXi 6.0 host to use the original production primary hostname and IP address.  Refer to the Operations Console Online Help by searching for Network Settings in the Search help field for the procedure to changing network settings for an Authentication Manager instance.
9. Shutdown the production Authentication Manager 8.2 replica instance on the ESXi 5.x host at the command line by running the following command:

login as: rsaadmin
Using keyboard-interactive authentication.
Password: <enter operating system password>
Last login: Tue Feb  7 16:19:24 2017 from jumphost.vcloud.local
RSA Authentication Manager Installation Directory: /opt/rsa/am
rsaadmin@am82r:~> sudo shutdown now
rsaadmin's password: <enter operating system password>
Broadcast message from root (pts/0) (Thu Feb 23 16:28:07 2017):
The system is going down to maintenance mode NOW!

10. Perform authentication tests to the Authentication Manager 8.2 primary instance on the ESXi 6.0 host.
11. When the authentication tests are successful, deploy the RSA Authentication Manager 8.2 .ova template using the replica instance hostname and IP address.
12. Deploy a replica instance and attach the replica to the new Authentication Manager 8.2 primary instance on the ESXi 6.0 host.  Refer to the RSA Authentication Manager 8.2 Setup and Configuration Guide for steps on how to deploy an Authentication Manager replica
13. Check replication between the Authentication Manager 8.2 primary instance and Authentication Manager 8.2 replica instance running on the ESXi 6.0 host.
    1. Login to the Operations Console. ​​
    2. Select Deployment Configuration > Instances > Status Report.

RSA Authentication Manager full installers

The RSA Authentication Manager full installers are found by using the Additional Downloads button found at the bottom of the page when using either the RSA Authentication Manager 8.1 Downloads or RSA Authentication Manager 8.2 Downloads pages.

Refer to 000034558 - How to download RSA Authentication Manager 8.x full kits from RSA Link for more information.

RSA Authentication Manager 8.x Software Updates

• All software updates for Authentication Manager 8.x are performed from the Operations Console and installation instructions are provided in the release notes of each software update.
• An example of how a software update is applied to an Authentication Manager instance is shown in this video presentation.

Important Notes

• Always apply a software update to the primary instance and then a replica instance (one at a time should there be more than one replica in the Authentication Manager deployment).
• It is expected that the replication status is showing as Normal with a recent date/time stamp for the Last Successful Replication cycle before applying a software update.
• Each instance in the Authentication Manager deployment must be running the same software version before moving onto the next software update.

 RSA Authentication Manager 8.1 software update
​

Patch Order	Patch	Related Document
1	RSA Authentication Manager 8.1 SP1 – VMware Virtual and Hardware Appliance Update	RSA Authentication Manager 8.1 SP1 Release Notes
2	RSA Authentication Manager 8.1 Service Pack 1 Patch 15	RSA Authentication Manager 8.1 Service Pack 1 Patch 15 (P15) Readme

 RSA Authentication Manager 8.2 software update

 

Order	Patch	Related Document
1	RSA Authentication Manager 8.2 Patch 5	RSA Authentication Manager 8.2 Patch 5 Readme

NOTE: Service Pack and Patch installation instructions are provided in the Release Notes or readme documents.