Agent for SharePoint Guide › Upgrade Your CA SiteMinder Agent for SharePoint

Upgrade Your CA SiteMinder Agent for SharePoint

How to Upgrade Your CA SiteMinder Agent for SharePoint

Upgrading your CA SiteMinder Agent for SharePoint from a previous version to 12.51 involves installing the new version of the software on your existing components.

Note: The upgraded product uses any existing SharePoint connection and the trusted identity provider from your previous version. You do not have to re-create these items. Associate the upgraded claims provider with your existing trusted identity provider.

Follow these steps:

1. Install the new version of the agent using one of the following procedures:
   • Upgrade the agent on Windows operating environments.
   • Upgrade the agent on UNIX operating environments.
2. Install the new version of the claims provider on your SharePoint central administration servers.
3. Confirm the name of your existing trusted identity provider.
4. Associate your existing trusted identity provider with the new claims provider.
5. Verify the SSL settings after an upgrade.
6. Repeat Steps 1 through 5 for any other components running the CA SiteMinder Agent for SharePoint.

Install the New Version of the Agent

The first step of the upgrade process is installing the new version of the Agent. Pick the appropriate procedure for your operating environment from the following list:

• Upgrade the agent on Windows operating environments.
• Upgrade the agent on UNIX operating environments.

Upgrade the agent on Windows Operating Environments

Installing a new version of the agent upgrades the product from the previous version.

The default installation location for the agent on 32-bit Windows operating environments is: C:\Program Files\CA\Agent-for-SharePoint. On 64-bit Windows operating environments, the default installation location is C:\CA\Agent-for-SharePoint.

Important! The Agent for SharePoint cannot be installed on a computer that hosts any other web server. The Agent for SharePoint operates as a stand-alone proxy-based solution.

To run the agent installer on Windows operating environments, you need local Administrator privileges.

Note: We recommend installing the agent on an NTFS file-system partition.

Follow these steps:

1. Copy the installation program from the Download location on the CA Support site.
2. Right-click the following executable, and then select Run as administrator:

   ca-sp2010agent-version-operating_environment.exe

   The installation program starts.

3. Follow the instructions from the installation wizard.

   Note: The installer displays all Java executables that are installed in the system. Pick a Java component and version that is equal to or greater than the one shown by the installer. If the installer does not detect any Java executables by default, then browse and select the appropriate path. For more information about the required Java executables or other third-party software requirements, see the platform support matrix.

4. Restart your system after the installation finishes.
5. Continue with the next step of installing the new version of the claims provider.

Upgrade the Agent on UNIX Operating Environments

Installing a new version of the agent upgrades the product from the previous version.

The default installation location is user_home/CA/Agent-for-SharePoint. The folder where you install the agent requires sufficient permissions (755). Do not install the agent under the /root folder, because its default permissions (750) are insufficient.

Important! The Agent for SharePoint cannot be installed on a computer that hosts any other web server. The Agent for SharePoint operates as a stand-alone proxy-based solution.

Note: On the Solaris or Linux operating environments, the agent runs under the "nobody" user account. If you prefer not to run the agent under this user account, create an alternate user and assign the necessary permissions. Do not run this program as a root user.

Follow these steps:

1. Copy the appropriate file for your operating environment from the download location on the CA Support site to a temporary directory:
   • Solaris operating environment: ca-sp2010agent-version-sol.bin
   • Linux operating environment: ca-sp2010agent-version-linux.exe
2. Enter the appropriate command for your operating environment from the following list:
   • Solaris: sh ./ca-sp2010agent-version-sol.bin
   • Linux: sh ./ca-sp2010agent-version-linux.exe
3. Follow the prompts that the installation wizard provides.

   Note: The installer displays all Java executables that are installed in the system. Pick a Java component and version that is equal to or greater than the one shown by the installer. If the installer does not detect any Java executables by default, then browse and select the appropriate path. For more information about the required Java executables or other third-party software requirements, see the platform support matrix.

4. Continue with the next step of installing the new version of the claims provider.

Install the New Version of the Claims Provider on Your SharePoint Central Administration Servers

The next step of the upgrade process is installing a new version of the claims provider on your SharePoint central administration server. This installation upgrades the claims provider from the previous version.

If you are not the user who installed or configured SharePoint, you need one of the following privileges to run the Claims Provider installer:

• Administrator for the local server
• Administrator for the group
• Farm Administrator (for any SharePoint farms)

If you are installing your Claims provider on a new SharePoint farm, install the claims provider on your SharePoint central administration server. If you add any additional SharePoint servers to your farm later, install the claims provider on each SharePoint server you add.

Follow these steps:

1. Log on to your SharePoint central administration server.
2. Copy the installation program from the download location on the CA Support site.
3. Locate the following executable:

   ca-spclaims-version-win64.exe
   

4. Right-click the executable, and then select Run as administrator.

   The installation program starts.

5. Follow the installation wizard.
6. Restart your system after the installation finishes.

   The Claims provider is successfully installed.

Confirm the Name of Your Existing Trusted Identity Provider

Confirm the name of your existing trusted identity provider before associating it with your upgraded claims provider.

Follow these steps:

1. Log on to the computer hosting your SharePoint central administration server.
2. Click Start, All Programs, Microsoft SharePoint 2010 Products, the SharePoint 2010 Management Shell.
3. Enter the following command;

   Get-SPTrustedIdentityTokenIssuer
   

   The name of your existing trusted identity provider appears. This provider is the one which you want to associate with your upgraded claims provider.

4. Continue with the next step of associating your existing trusted identity provider with the upgraded claims provider.

Associate Your Existing Trusted Identity Provider with the Upgraded Claims Provider

The next step of upgrading is associating the trusted identity provider with the upgraded claims provider.

Note: The upgraded product uses any existing SharePoint connection and the trusted identity provider from your previous version. You do not have to re-create these items. Associate the upgraded claims provider with your existing trusted identity provider.

The Update-SMTrustedIdentityTokenIssuer command updates the claims provider of a trusted identity token issuer to CASiteMinderClaimProvider.

Follow these steps:

1. Click Start, All Programs, Microsoft SharePoint 2010 Products, the SharePoint 2010 Management Shell.

   The SharePoint 2010 Management Shell command prompt appears.

2. Navigate to the following directory:

    C:\Program Files\CA\SharePointClaimsProvider\scripts
   

3. Enter the update command. This command has the following format:

   Update-SMTrustedIdentityTokenIssuer.ps1 -TrustedIdentityTokenIssuer “Name_of_Trusted_Identity_Provider_registered_with_SharePoint”
   

   TrustedIdentityTokenIssuer

   Specifies the name of the CA SiteMinder trusted identity token issuer (trusted login provider) to update.

   Example:

   .\Update-SMTrustedIdentityTokenIssuer.ps1 -TrustedIdentityTokenIssuer “SiteMinder Federation”
   

   The SharePoint central administration server is updated with the new claims provider of the trusted identity token issuer.

Verify the SSL Settings After an Upgrade

Verify your SSL settings after the upgrade. In some situations, the upgrade did not always change the settings in the following file:

Agent-for-Sharepoint_home\httpd\conf\spsapachessl.properties

Follow these steps:

1. Open the spsapachessl.properties file in a text editor.
2. Search for the following line:

   apache.ssl.enabled=
   

3. Do one of the following tasks:
   • If the previous line does not exist, add it to the file. Then go to step 4.
   • If the previous line exists, go to Step 4.
4. Confirm that the value after the equal sign matches the setting that you want. Use the following examples:

   apache.ssl.enabled=Y
   apache.ssl.enabled=N
   

   For example, if you were using SSL before your upgrade, verify that the value after the equal sign is Y.

5. Save the changes to the spsapachessl.properties file and close the text editor.

   The SSL settings are verified.