Upgrade Smart ID Identity Manager from 21.10 to 22.04
This article describes how to upgrade Smart ID Identity Manager from 21.10 to 22.04.
These instructions only apply if you have kept the docker-compose.yml from the previous release. If you install a new docker configuration, you do not have to care about this, since this is part of the latest docker-compose files on the download portal.
Prerequisites
An older release of Smart ID Identity Manager is already installed.
Step-by-step instruction
Delete/verify object history
With the new functionality, having two separated jobs for verification and deletion of object history, also the corresponding configuration parameters have changed. The relevant configuration can be found in the docker-compose.yml of Identity Manager Operator.
Add the new “historyCleaningTrigger.cronExpression” with a corresponding cron expression to “SYSTEM_PROPERTIES” in the docker-compose.yml to delete object history.
The existing “historyVerificationTrigger.cronExpression” to verify object history works as before.
Remove the “commonHistoryService.verificationIntervalMonths” since it is obsolete.
Add the new “commonHistoryService.historyCutOffDuration” in SYSTEM_PROPERTIES in docker-compose.yml to set the timeframe that you want to cut off in the object history. Read more in Chained signature for object history in Identity Manager.
Changes in how to deactivate the quartz scheduler
Previously it was necessary to set two parameters in system properties to deactivate the quartz scheduler. This has been changed, so that only “quartzScheduler.enable" is needed and "scheduler.autoStartup" is obsolete.
To deactivate all scheduled tasks on a certain application node, set “quartzScheduler.enable"=false in SYSTEM_PROPERTIES in docker-compose.yml for Identity Manager Operator.
See also List of Identity Manager system properties.
Change configuration parameters for Nexus GO Cards
With the release of the new API to Nexus GO Cards, configuration parameters have changed in the smartid.env file and in the docker-compose.yml of Identity Manager Operator and Identity Manager Admin. See also Set up Nexus GO cards layout template for Identity Manager.
In smartid.env:
Remove the following two lines:
CODEIDM_CAAS_USER=<myUsername> IDM_CAAS_PASS=<mypassword>
and add these lines instead:
CODEIDM_CAAS_CLIENT_ID=DUMMY_REPLACE_ME IDM_CAAS_CLIENT_SECRET=DUMMY_REPLACE_ME IDM_CAAS_ORGANISATION_ID=DUMMY_REPLACE_ME IDM_CAAS_HOSTNAME=cards.nxsas.com
In docker-compose.yml of Identity Manager Operator and Identity Manager Admin (under SYSTEM_PROPERTIES):
Remove the following two lines:
CODE"caasCommunicationService.caasUsername": "${IDM_CAAS_USER}", "caasCommunicationService.caasPassword": "${IDM_CAAS_PASS}",
and add these lines instead:
CODE"caasCommunicationService.clientId": "${IDM_CAAS_CLIENT_ID}", "caasCommunicationService.clientSecret": "${IDM_CAAS_CLIENT_SECRET}", "caasCommunicationService.organisationId": "${IDM_CAAS_ORGANISATION_ID}", "caasCommunicationService.hostname": "${IDM_CAAS_HOSTNAME}",
Update image name and container name for mobile iron
In the mobile iron docker-compose file, the image name and container name has changed:
Replace...
CODEmobile-iron-server: image: "${SMARTID_REPO_DOCKER}/smartid/identitymanager/mobile_iron_server:${SMARTID_VERSION}" container_name: "smartid-mobile-iron-server"
...with
CODEmobile-iron: image: "${SMARTID_REPO_DOCKER}/smartid/identitymanager/mobile_iron:${SMARTID_VERSION}" container_name: "smartid-mobile-iron"
Add tenant ID for cron user
The cron user requires a tenant ID again.
Set cronUsername, cronPassword and cronTenantId in system.properties for Identity Manager Operator accordingly. See List of Identity Manager system properties.
DormaKaba Exos connector
An updated standard integration of Kaba Exos has been released in Physical Access. Therefore, the old native Identity Manager integration of Exos is obsolete and has been removed. All Physical Access use cases will now be handled in the standard Physical Access way. If you use DormaKaba Exos integration, switch to the updated DomaKaba Exos connector in the Physical Access component. Read more here: Set up integration with Dorma Kaba Exos.