Pre-Upgrade Tasks

CA Advanced Authentication Upgrade Guide › CA Advanced Authentication Upgrading › How to Upgrade CA Risk Authentication for UNIX › Pre-Upgrade Tasks

Pre-Upgrade Tasks

Perform the following pre-upgrade tasks before you begin the upgrade procedure:

Important! Perform the upgrade procedure on the system where the CA Advanced Authentication is installed.

Verify that the account in use for the upgrade operation belongs to the Administrators group.
From release 8.0, a rule with a score of 0 no longer carries the ALLOW advice. Instead, a score of 0 implies SILENT, which means that the rule is executed, but is not used for scoring. If the default score was 0 before the upgrade, then the default score is changed to 1 during the upgrade.
Note: For information about changing the score of a rule, see CA CA Risk Authentication Administration Guide.
Custom add-on rule types that you created in release 2.x or earlier releases are not migrated during the upgrade. The feature to create a custom add-on rule type by importing an XML file has been deprecated. If your CA Risk Authentication deployment contains custom add-on rule types, then delete them before the upgrade.
If the mnemonic or name of an existing rule is the same as the newly introduced or modified mnemonic or name of a rule by the upgrade, then the upgrade fails. The same issue is encountered if the name of an existing rule is the same as the name of a new rule. To avoid this issue:
1. Use the CA Advanced Authentication to compare the mnemonics of your existing rules with the mnemonics of the rules that are newly introduced or modified by the upgrade.
  The following table lists the rules that are newly introduced or modified by the upgrade:

Rule Name	Rule Mnemonic
Unknown DeviceID	UNKNOWNDEVICEID
Device MFP Not Match	MFPMISMATCH
User Not Associated with DeviceID	USERDEVICENOTASSOCIATED
Unknown User	UNKNOWNUSER

If the mnemonic of an existing rule matches the mnemonic of a new rule, delete the existing rule and then re-create it. While you re-create the rule, give it a different mnemonic. The system allows the rule name to be the same for two different rules. But we recommend that you change the name of the existing rule to avoid confusion.
Note: For information about deleting and creating rules, see CA CA Risk Authentication Administration Guide.

In release 8.0, you can have a rule, ruleset, or miscellaneous rule configuration referring to another rule, ruleset, or miscellaneous rule configuration. Perform the following steps for each rule, ruleset, or miscellaneous rule configuration that refers to another rule, ruleset, or miscellaneous rule configuration:
1. Log in to the CA Advanced Authentication as a GA or OA.
2. If you have logged in as the GA and you want to perform this procedure for a system ruleset, click the Services and Server Configurations tab.
3. If you have logged in as the GA or OA to perform this procedure for a single organization, do the following steps:
  - Activate the Organizations tab.
  - Click the Search Organization link under Manage Organizations.
  - Click the Search button on the Search Organization page.
  - Click the name of the organization.
  - Click the Configuration tab.
4. Navigate to the side-bar menu, Rules Management.
5. Click the link for the rule, ruleset, or miscellaneous rule configuration that refers to another rule, ruleset, or miscellaneous rule configuration.
6. Select Use Own.
7. Select Copy from an Existing Ruleset.
8. From the Ruleset Name list, select the ruleset to which this rule, ruleset, or miscellaneous rule configuration is referring to.
9. Click Save.
10. Migrate the changes to the production environment.
  Note: For detailed information about migrating the changes to the production environment and refreshing the cache, see the CA CA Risk Authentication Administration Guide.
The upgrade process is supported only in the offline mode. Shut down the following services:
- CA Risk Authentication Server
- Case Management Queuing Server
- Any application servers where CA Advanced Authentication and User Data Service are deployed
Close the CA Advanced Authentication.
Open the $ARCOT_HOME/conf/arcotcommon.ini file in a text editor, and then perform the following steps:
1. Verify that the primary database details are correct. The upgrade tool uses the database that is configured in this file.
2. If you have configured a backup database, disable the backup database by commenting out the lines containing the following properties in the arcot/db/backupdb section of the arcotcommon.ini file:
  - URL.1
  - AppServerConnectionPoolName.1
  - Username.1
3. Include the following section in the arcotcommon.ini file for 2.2.9 version:
```
[arcot/crypto/device]
HSMDevice=S/W
```
4. Save and close the arcotcommon.ini file.
Verify that you have JDK installed on the system.
Verify that the database on which you plan to upgrade is available throughout the upgrade process.
Verify that the database on which you plan to upgrade is disabled for replication.
Back up the database containing the CA Risk Authentication schema.
If you require multi-byte character or internationalization support in CA Risk Authentication and if your database does not currently support multi-byte data, then migrate the database to a character set that supports multibyte data. For more information, see Configuring Database Server.
Consider the requirements, such as rollback segment size, which are based on data volume, before running the upgrade tool.
Verify that you have the database privileges to upgrade CA Risk Authentication. For the complete list of privileges, see Database Privileges Required for Upgrade.
If you have stored user details in an LDAP repository in the previous release, verify that the LDAP server is available throughout the upgrade process.
Verify that the ARCOT_HOME environment variable is set to the directory where CA Risk Authentication is installed.
Copy the contents of your existing ARCOT_HOME directory to a new directory.
Here, ARCOT_HOME refers to the base directory that contains the entire directory structure that was created by the existing CA Risk Authentication installation. Typically, ARCOT_HOME is install_location/arcot/.

ARCOT_HOME_BACKUP refers to the backup directory into which you copy the contents of the existing the ARCOT_HOME directory. If you encounter any error during upgrade, use the ARCOT_HOME_BACKUP directory to revert to the initial setup.