Upgrade a 5.5 Policy Store

Configuration Guides › Directory Configuration Guide › Critical Path inJoin Directory Server v4.2 › Upgrade a 5.5 Policy Store

Upgrade a 5.5 Policy Store

You can upgrade an existing 5.5 policy store to a r12.1 policy store using the Critical Path's iCon GUI.

To upgrade an existing 5.5 policy store to a r12.1 policy store

Stop the DSA that contains the 5.5 policy store. Go to dsa, comms, LDAP, and change the "paging mode" option to "always". Restart the DSA.
Navigate to policy_server_home\bin on the machine where the Policy Server is installed.
- policy_server_home
  Specifies the Policy Server installation path.
Run the following command:
```
ldapmodify -hhost -pport -dAdminDN -wAdminPW -c
-fdir_config_home\criticalpath\IDS_Upgrade_Schema_55TOR12sp1.ldif
```
- -h host
  Specifies the IP address of the LDAP server.
- -p port
  Specifies the LDAP server port number.
- -d AdminDN
  Specifies the name of an LDAP user with privileges to create a new LDAP schema on the LDAP directory server.
  
  Example: cn=manager
- -w AdminPW
  Specifies the password of the LDAP user with privileges to create a new LDAP schema on the LDAP directory server.
- -c
  Specifies continuous mode (do not stop on errors).
- -f
  Specifies the path and name of the schema file that is supplied with r12.1.
- dir_config_home
  Specifies the Directory Configuration installation path.
Note: ldapmodify requires version 4.2 of the Critical Path InJoin Directory Server.
Reload the schema, or verify that the schema has been updated.
Run the following command:
```
ldapmodify -hhost -pport -dAdminDN -wAdminPW -c
-fdir_config_home\xps\criticalpath\CriticalPath.ldif
```
- -f
  Specifies the path and name of the XPS schema file that is supplied with r12.1.
The policy store schema is extended to include the objects introduced by r12.1.
Reload the schema, or verify that the schema has been updated.
Go to dsa, comms, LDAP, change the "paging mode" option to "always", and restart the DSA.
The policy store is extended to include the objects introduced by r12.1.
Point the Policy Server at the existing 5.5 policy store that you are upgrading to r12.1.
Run the following command:
```
smobjimport
-ipolicy_server_home\db\smdif\sm_upgrade_55_to_R12sp1.smdif -v -f
```
- -i
  Specifies the path and name of the import file.
- -v
  Turns on tracing and outputs error, warning, and comment messages.
- -f
  Overwrites duplicate SOA Security Manager objects.
The base policy store data is imported from the file sm_upgrade_55_to_R12sp1.smdif, and the Critical Path inJoin Directory Server (IDS) is configured as a policy store.
Run the following command:
Important! Do not re-import ampolicy.smdif if it has been previously imported into the policy store.
```
smobjimport -ipolicy_server_home\db\smdif\ampolicy.smdif
-dsiteminder_super_user_name -wsiteminder_super_user_password -f -v -l -c
```
- -ipolicy_server_home
  Specifies the Policy Server installation path.
- -dsiteminder_super_user_name
  Specifies the name of the SOA Security Manager administrator account.
- -wsiteminder_super_user_password
  Specifies the password for the SOA Security Manager administrator account.
- -f
  Overrides duplicate objects.
- -v
  Turns on tracing and outputs error, warning, and comment messages in verbose format so that you can monitor the status of the import.
  
  Default value: stdout
- -l
  Creates a log file.
- -c
  Indicates that the smdif input file contains unencrypted data.
Note: Importing ampolicy.smdif makes available Federation Security Services, Web Service Variables, and eTelligent Rules functionality that is separately licensed from SOA Security Manager. If you intend on using the latter functionality, contact your CA account representative for more information on licensing.

Note: You can now import the policy store data definitions.

Email CA about this topic