If you use VMware vRealize® products or VMware NSX-T™ with VMware Identity Manager™ 3.3.1, you can upgrade VMware Identity Manager to version 3.3.2.
For more information about the VMware Identity Manager 3.3.2 release, see the VMware Identity Manager 3.3.2 Release Notes.
If you are a VMware vRealize® Automation™ customer, follow Enable Tenant-In-Host Name Multi-Tenancy with vRealize Automation 8.1.
VMware Identity Manager Upgrade Paths
The following upgrade path is supported:
- From version 3.3.1 directly to version 3.3.2.
VMware Identity Manager Connector Upgrade Paths
The following upgrade paths are supported:
- A VMware Identity Manager Connector for Linux upgrade from 3.3.1 to 3.3.2.
- A VMware Identity Manager Connector for Windows upgrade from 3.3.1 to 3.3.2 for connector instances installed using the VMware Identity Manager Connector installer.
The following upgrade path is not supported:
- A VMware Identity Manager Connector for Windows upgrade from 3.3.1 to 3.3.2 for connector instances installed by VMware vRealize® Suite Lifecycle Manager™.
VMware Products That Can Upgrade to VMware Identity Manager 3.3.2
- vRealize Products such as VMware vRealize Automation™, VMware vRealize Suite Lifecycle Manager, VMware vRealize® Operations™, VMware vRealize® Business™ for Cloud , VMware vRealize® Log Insight, and VMware vRealize® Network Insight™ for authentication and SSO.
- vRealize products that are deployed and managed through vRealize Suite Lifecycle Manager only can consume VMware Identity Manager 3.3.1 or 3.3.2.
- vRealize Suite Lifecycle Manager can now handle a brand-new installation of VMware Identity Manager 3.3.1 or 3.3.2, or an upgrade to 3.3.2 from VMware Identity Manager 3.3.1.
- NSX-T for Authentication and SSO
- NSX-T can be deployed with VMware Identity Manager 3.3.1 or 3.3.2, or upgraded to 3.3.2 from an earlier version.
You can upgrade VMware Identity Manager online or offline.
By default, the VMware Identity Manager appliance uses the VMware website for the upgrade procedure. This approach requires the appliance to have Internet connectivity. You must also configure proxy server settings for the appliance, if applicable.
If your virtual appliance does not have Internet connectivity, you can perform the upgrade offline. For an offline upgrade, you download the upgrade package from My VMware. You use the updateoffline.hzn script to perform the upgrade.
- If you deployed a single VMware Identity Manager appliance, upgrade it online or offline as described in Upgrading VMware Identity Manager Online or Upgrading VMware Identity Manager Offline.
Note: Expect some downtime because all services are stopped during the upgrade. Plan the timing of your upgrade accordingly.
- If you have deployed multiple VMware Identity Manager virtual appliances in a cluster for failover or high availability, see Upgrade a Cluster.
Hardware Sizing Requirements
The hardware-sizing requirements in the following table are specific to VMware Identity Manager 3.3.2. See the 3.3 version of the Installing and Configuring VMware Identity Manager for Linux guide for a broader list of hardware-sizing requirements, which also apply to 3.3.2.
For best results, implement the following sync-related practices.
- Because the initial directory sync is an intensive, resource consuming operation, perform the initial directory sync on one tenant at a time.
- Stagger directory syncs across tenants to avoid the resource consumption of running directory syncs on two or more tenants at the same time.
You can use the internal PostgreSQL database or an external Microsoft SQL database. Both options can provide high availability.
To achieve high availability with the internal PostgreSQL database, you must leverage vRealize Suite Lifecycle Manager. See the table that follows and see the vRealize Suite Lifecycle Manager 8.1 Installation, Upgrade, and Management guide.
For an external Microsoft SQL database configuration, see the 3.3 version of the Installing and Configuring VMware Identity Manager for Linux guide.
|Directory Sync of Users and Groups per Tenant*||VMware Identity Manager Appliance with Internal PostgreSQL Database and Embedded Connector, per Node Requirements||External Windows-Based Connector, per Connector-Instance Requirements|
||A single node or a three-node cluster:
*If either the number of users or the number of groups for a tenant exceeds the Maximum, see the next row.