Federation Manager Guide › Upgrade or Migrate to Federation Manager r12.1 SP3 › How To Migrate a Configuration from One System to Another › Export a Federation Manager Configuration to an XML File

Export a Federation Manager Configuration to an XML File

Export the configuration to an XML file and use the file to replicate the configuration on another system system. Additionally, make a copy of the key database.

The XPSExport tool shipped with Federation Manager lets you export all data in the data store to an XML file.

Important! Federation transactions fail while the backup is in process.

To export a Federation Manager configuration

1. Copy the key database directory and save it in a safe location. The key database is in the following directory:

   federation_mgr_home/siteminder/smkeydatabase

   You copy this directory to the other system during the migration process.

2. Log on to the Federation Manager UI.
3. Select the Federation tab and click Partnerships.

   The View Federation Partnerships window opens.

4. Select Deactivate from the Action menu next to each active partnership in the Federation Partnership list. This deactivates all the active partnerships.
5. If you enabled SSL for the artifact back channel or for the Federation Manager UI, you must disable it, as follows:
   1. Click the Infrastructure tab and select SSL Configuration.

      The SSL Configuration dialog opens.

   2. Click Enable in the Embedded web SSL Configuration group box to change the setting to Disable.
   3. Click Activate in the Administrative UI SSL Configuration group box to change the setting to Deactivate.
6. If you changed the SSL status (enabled or disabled), restart the Federation Manager services as follows.
   • Windows

     Use the Federation Manager stop and start shortcuts as follows. If you logged in as a network user and not a local administrator, right-click the shortcut and select Run as administrator.

     1. Start, All Programs, CA, FederationManager, Stop services
     2. Start, All Programs, CA, FederationManager, Start services
   • UNIX

     a. Open up a command window.

     b. Run the following scripts:

     federation_mgr_home/fedmanager.sh stop

     federation_mgr_home/fedmanager.sh start

     When you run the fedmanager.sh script, it sources the Federation Manager environment script, ca_federation_env.ksh.

     Note: Do not stop and start the services as the root user.

7. Export the Federation Manager configuration by entering the following command from a command window:

   XPSExport export_file_name -xa -passphrase passphrase

   export_file_name

   Names the output file that results from the export. The output from XPSExport is in XML format, therefore, the filename should end with the extension .xml.

   passphrase

   Specifies the passphrase required to encrypt sensitive data. It must be at least eight characters and must contain at least one digit, one upper case and one lower case letter. If the passphrase contains a space, then it must be enclosed in quotes.

   NOTE: If you do not want to enter the passphrase directly, you may leave it off the command. XPSExport then prompts you for a passphrase and a passphrase confirmation, which will not be echoed to the screen.

   You now have an XML file that contains encrypted configuration data, which you can use to replicate the configuration on a different system.

8. After you successfully back up the configuration, return the backed-up system to its original state.