VMware Aria Suite Lifecycle migrates VMware Identity Manager data for vRealize Automation 7.5, 7.6, 8.0 to Global Environment of VMware Identity Manager 3.3.3 and later.

VMware Aria Suite Lifecycle migrates:

  • Tenants
  • Directories
  • Custom groups
  • Roles and rule set
  • User attributes
  • Access policies
  • Network ranges
  • Third-party IDP configurations

Prerequisites

  • The SMTP information of the source tenant must be configured on the Global Environment of VMware Identity Manager. This information is required to receive email instructions to reset the password for all local users. All local users in the source tenant must have valid email IDs before migrating tenants.
  • For migration, you must enable remote connection from the Global Environment of VMware Identity Manager to the vRealize Automation 7.x database. Refer to KB 81219 for more information on enabling remote connection.
  • Ensure that you have DNS configured in VMware Aria Automation and VMware Identity Manager. For more information on DNS and certificate requirements, refer to DNS and Certificate Requirement in the VMware Aria Suite Lifecycle documentation.
  • Ensure that the source vRealize Automation 7.x environment is in a healthy state and directories are synced before tenant migration.

Procedure

  1. On the My Services dashboard of VMware Aria Suite Lifecycle, click Identity and Tenant Management.
  2. Select Tenant Management, and then click Tenant Migrations.
  3. Read the information on VMware Identity Manager Tenant Migration and VMware Aria Automation Tenant Mapping, and then click Continue.
  4. On the Environment Selection tab, select the Source Environment and Target Environment. Based on your source and the target environment selection, you can view a tabular representation of the available tenants on the source vRealize Automation. You can also view the status of the migrated or merged tenants on VMware Aria Automation 8.x.
  5. Click Next.
  6. On the Tenant Migration Workflow page, you can view the workflow of Tenant Migration and Tenant Merge, and understand the correlation between the two operations.
    In Tenant migration, the specific data of VMware Identity Manager is migrated to the destination tenant of Global Environment using VMware Aria Suite Lifecycle. VMware Aria Suite Lifecycle also creates 7.x endpoint when adding a new tenant on VMware Aria Automation 8.x. In Tenant Merge, the directories and tenants are already created on the source VMware Aria Automation 8.x. VMware Aria Suite Lifecycle creates the 7.x endpoint to the existing tenants on VMware Aria Automation 8.x, so that you can migrate the business groups, infrastructure, and other specific tenants on VMware Aria Automation.
  7. Click SAVE AND NEXT and read the list of manual steps which must be performed to proceed with the migration. Select the check box to confirm that you have read and verified the prerequisites and limitations.
  8. To specify the Tenant Migration Workflow, enter these details on the Tenant Details tab.
    1. Select the Source Tenant.
      Note: The source tenants which are listed are not the migrated or merged tenants.
    2. Enter the Tenant Name.
    3. Under Target Tenant administrator details, enter the Target Tenant Username, First Name, Last Name, valid Email ID, and Password.
    4. Click SAVE AND NEXT. To specify a directory that must be migrated from the source vRealize Automation 7.x to VMware Aria Automation 8.x tenant, select one of these directories on the Directory Migration tab.
      • System Directory: Connector selection and password creation are not required.
      • JIT directory: Connector selection and password creation are not required.
      • Active Directory over LDAP: Select a Windows or Linux target Connector and enter the BindPassword.
      • OpenLDAP: Select a Windows or Linux target Connector and enter the BindPassword.
      • Active Directory with IWA: You can only select a Windows target Connector for the VMware Identity Manager 3.3.3 version. Enter the Bind Password and Domain Admin Password that is required for migration.
        Note: To migrate a directory is a one-time operation, select all the directories which must be migrated. If the required directories are not selected during migration, you have to perform this operation manually.
  9. Click Validate. After a successful validation, click SAVE AND NEXT.
  10. Click Run Precheck to validate the tenant details and certificate details. Click SAVE AND NEXT.
  11. On the Summary Step tab, you can view the summary of your selections.
  12. Click SUBMIT if your validations are successful.
    If the validations are not successful and you want to make changes, and then resume the tenant migration operation, click SAVE AND EXIT. The same wizard can be opened anytime to rerun the precheck to complete and proceed.

Results

You can view the tenant migration details under the Request Details page. Both VMware Identity Manager and VMware Aria Automation tenants can be accessed through its tenant FQDNs.