This article describes how to upgrade Smart ID Identity Manager from 5.3.1 to 6.0.0.
CM SDK upgrade
Identity Manager 6.0 is only compatible with Certificate Manager 8.12 or later versions.
Rootless docker
No process within the Smart ID Identity Manager docker containers is executed by root anymore. This requires permissions for mounted volumes to be set accordingly.
To create host system users and groups and setup permissions for rootless Docker containers, run the script:
./set-rootless-volume-ownership.sh
This script will create a host user for each container, a common group for all of these users, give secure user and group permissions for all files and folders used as volumes and give read and write access to the current user using ACL.
The script is available with the docker compose files in the file SmartID-26.04.0-deploymentXXXXXX.tgz from the support portal.
For more information, see Deploy Smart ID.
Pre-/post-login process users
The predefined users used for pre‑login and post‑login processing have changed. Verify that these users exist in the system. If they do not exist, create them as internal users. Confirm which processes are executed during the login flow (pre‑login and post‑login), and assign the users the required permissions to:
-
Start the relevant processes
-
Execute associated user tasks
-
For Smart ID Self‑Service also grant the “Show in Self‑Service” permission
|
Username |
Needs permissions for |
|
preLoginOperatorUser |
Pre-login processes shown on Identity Manager Operator login page. |
|
preLoginSelfServiceUser |
Pre-login processes shown on Smart ID Self-Service login page. |
|
postLoginProcessUser |
Post-login processes (start directly after login). |
Remove obsolete internal users and configurations from custom-beans.xml
For more information, see Configure a pre-login process for Identity Manager Operator, Configure pre-login processes for Smart ID Self-Service and Set up authentication profile in Identity Manager.