After you upgrade to VMware Identity Manager 3.3, you might need to configure certain settings.

Log4j Configuration Files

If any log4j configuration files in a VMware Identity Manager instance were edited, new versions of the files are not automatically installed during the upgrade. However, after the upgrade, the logs controlled by those files do not work.

To resolve this issue:

  1. Log in to the virtual appliance.

  2. Search for log4j files with the .rpmnew suffix.

    find / -name "**log4j.properties.rpmnew"

  3. For each file found, copy the new file to the corresponding old log4j file without the .rpmnew suffix.

Cluster ID in Secondary Data Center

Beginning with VMware Identity Manager 3.3, cluster IDs are used to identify the nodes in a cluster.

If your VMware Identity Manager deployment includes a secondary data center, you must change the cluster ID of the secondary data center after upgrade. Before changing the cluster ID, verify that each node has the Elasticsearch discovery-idm plugin installed.

  1. Verify that each node has the Elasticsearch discovery-idm plugin.

    1. Log in to the virtual appliance.

    2. Use the following command to check if the plugin is installed.

      /opt/vmware/elasticsearch/bin/plugin list

    3. If the plugin does not exist, use the following command to add it.

      /opt/vmware/elasticsearch/bin/plugin install file:///opt/vmware/elasticsearch/jars/discovery-idm-1.0.jar

  2. Log in to the VMware Identity Manager console.

  3. Select the Dashboard > System Diagnostics Dashboard tab.

  4. In the top panel, locate the cluster information for the secondary data center cluster.

  5. Update the cluster ID of all the nodes in the secondary data center to a different number than the one used in the first data center.

    For example, set all the nodes in the secondary data center to 3, if the first data center is not using 3.



    cluster information


  6. Verify that the clusters in both the primary and secondary data centers are formed correctly.

    Follow these steps for each node in the primary and secondary data centers.

    1. Log in to the virtual appliance.

    2. Run the following command:

      curl 'http://localhost:9200/_cluster/health?pretty'

      If the cluster is configured correctly, the command returns a result similar to the following example:

      {
        "cluster_name" : "horizon",
        "status" : "green",
        "timed_out" : false,
        "number_of_nodes" : 3,
        "number_of_data_nodes" : 3,
        "active_primary_shards" : 20,
        "active_shards" : 40,
        "relocating_shards" : 0,
        "initializing_shards" : 0,
        "unassigned_shards" : 0,
        "delayed_unassigned_shards" : 0,
        "number_of_pending_tasks" : 0,
        "number_of_in_flight_fetch" : 0
      }

Cache Service Setting in Secondary Data Center Appliances

If you set up a secondary data center, VMware Identity Manger instances in the secondary data center are configured for read-only access with the "read.only.service = true" entry in the /usr/local/horizon/conf/runtime-config.properties file. After you upgrade such an appliance, the service fails to start.

To resolve this issue:

  1. Log in to the virtual appliance.

  2. Add the following line to the /usr/local/horizon/conf/runtime-config.properties file:

    cache.service.type = ehcache

  3. Restart the service.

    service horizon-workspace restart

Citrix Integration

For Citrix integration in VMware Identity Manager 3.3, all external connectors must be version 2018.8.1.0 (the connector version in the 3.3 release) or later.

You must also use Integration Broker 3.3. Upgrade is not available for Integration Broker. Uninstall the old version, then install the new version.

Changes in Past Releases

For changes in past releases, see Upgrading to VMware Identity Manager 3.2.0.1 (Linux).