If your Workspace ONE Access virtual appliance cannot connect to the Internet for upgrade, you can perform an offline upgrade.

Two options are available for offline upgrade. You can set up an upgrade repository on a local Web server and configure the appliance to use the local Web server for upgrade. Or you can download the upgrade package to the Workspace ONE Access 20.01.x server and use the updateoffline.hzn script to upgrade.

Prerequisites for a Workspace ONE Access Offline Upgrade

Before you upgrade the Workspace ONE Access 20.01 virtual appliance offline, perform these prerequisite tasks.

  • Take a snapshot of your virtual appliance to back it up. For information about how to take snapshots, see the vSphere documentation.
  • Verify that at least 10 GB of free disk space (/dev/sda) are available on the virtual appliance. To see if you have enough disk space, run
    parted /dev/sda unit GB print free | grep "Free Space" |tail -n 1| awk '{print $3}'
  • Verify the health of the Elasticsearch service Go to the System Diagnostic Dashboard in the Workspace ONE Access console and review the Integrated Components section. Confirm that the values for the Elasticsearch items are green. If the state displays as red, fix the Elasticsearch issues before upgrading.
  • If you revoked the db_owner role on the Microsoft SQL database, you must add it back before performing the upgrade, otherwise the upgrade fails. Add the db_owner role to the same user that was used during installation:
    1. Log in to the Microsoft SQL Server Management Studio as a user with sysadmin privileges.
    2. Connect to the database instance for Workspace ONE Access 20.10
    3. Enter the following commands.

      If you are using Windows Authentication mode, use the following commands:

      USE <saasdb>;
      ALTER ROLE db_owner ADD MEMBER <domain\username>; GO 

      Make sure that you replace <saasdb> with your database name and <domain\username> with the relevant domain and username.

      If you are using SQL Server Authentication mode, use the following commands:
      USE <saasdb>;
      ALTER ROLE db_owner ADD MEMBER <loginusername>; GO 

      Make sure that you replace <saasdb> with your database name and <loginusername> with the relevant username.

    For information about revoking the database-level role, see Change Database-Level Roles After Upgrade to Workspace ONE Access
  • Take a snapshot or backup of the external database.
  • Verify that Workspace ONE Access is properly configured.
  • Confirm that a Workspace ONE Access upgrade exists. Check the My VMware site at my.vmware.com for upgrades.
  • If you are upgrading using the updateoffline.hzn script and your deployment includes a proxy server, disable the proxy server.
    Disable the proxy server from the command line.
    1. Run the following command.

      The YaST2 Control Center dialog box opens.

    2. Select Network services.
    3. Select Proxy.

      The Proxy Configuration dialog box opens.

    4. If selected, deselect Enable proxy.
    5. Quit the YaST2 utility.

    After a successful upgrade, enable the proxy server again.

  • Ensure that following directory space requirements are met.
    Directory Minimum Available Space
    / 4 GB
    Directory where you download the dualbootupdate.tar.gz file, if applicable 2 GB
    Directory where you download the offline upgrade package, identity-manager- 2 GB
  • Download Photon Migration Support Tools from the Workspace ONE Access 20.10 download page on my.vmware.com and save the file to any directory in the service virtual appliance.

    Workspace ONE Access 20.10 switches from the SUSE Linux Enterprise Server (SLES) operating system to the VMware Photon™ operating system. The Photon Migration Support Tools download contains the dualbootupdate.tar.gz file, which includes the Photon operating system and its packages. The upgrade process uses the dualbootupdate.tar.gz file when migrating the operating system from SLES to Photon.