Can you please let me know the steps to be followed for CA Single Sign-On upgrade from 12.6.1 to 12.7 version. I want to do the upgrade instead of fresh installation.
I have the below doubts in specific with the upgrade :
1. Do we need to import the Data Definitions (DD) in the upgrade? Or will the upgrade take care of this automatically?
2. Do we need to import the default policy objects in the upgrade? Or will the upgrade take care of this automatically?
I know we have to do the above steps with a fresh install but my doubt is do we need to do it in the upgrade?
Can you please share your thoughts? Thank you.
Yes, you will have to perform both the above steps.
Basically , you will also need to upgrade policy store.
The simple answer is, if we have a policy store which the installer supports, then the installer would handle the binary and policy store upgrade. If we have a policy store which the installer does not support, then installer would handle the binary upgrade and we would have to manually upgrade the policy store (using the commands listed above).
If we are manually upgrading the policy store, should we import default objects. I recommend "YES"; as if there are new objects they'd only be added by this step. Be careful, you need to import either smpolicy.xml OR smpolicy-secure.xml (not both).
We may not need to do all the steps listed here, since we are at 12.6.1, the only applicable ones seem to be...
Step-2 : Import the Policy Store Data Definitions.
Step-3 : Import the Default Policy Store Objects
Step-4 : Import the Federation Policy Store Objects
There may be also a few steps to import additional default objects. These are not defined in the doc, but it is good to compare and ascertain.
I'll create a checklist of OS versions / bitness, policy store versions, JDK versions etc - just to make sure we have cross verified all support matrix version compatibilities, before we even talk about steps / process. I am sure we'd done, the checks, but listing'em nevertheless.
Yes, I have verified the compatibility between the components and I don't see any issues with it.
Can you please provide more details with regard to "policy store which the installer supports" from your earlier post. We are using CA Directory as the policy store.