Before you upgrade the VMware Identity Manager virtual appliance offline, perform these prerequisite tasks.

  • To prevent a potential network loss, perform the steps in https://kb.vmware.com/s/article/83587.
  • To capture the entire state of the virtual appliance before you update, take a snapshot of your virtual appliance.

    For information about how to take snapshots, see the vSphere Virtual Machine Administration guide.

  • If you are upgrading directly from VMware Identity Manager 3.3.2, shut down the entire Elasticsearch cluster by running the service elasticsearch stop command on each node.

    Shutting down the entire Elasticsearch cluster allows the Elasticsearch version to upgrade while preventing mismatched versions from running.

  • If you revoked the db_owner role on the Microsoft SQL database, as described in the 3.3 version of the Installing and Configuring VMware Identity Manager for Linux guide, you must add it back before performing the upgrade, otherwise upgrade fails.
    1. Log in to the Microsoft SQL Server Management Studio as a user with sysadmin privileges.
    2. Connect to the database instance for VMware Identity Manager.
    3. Enter the following commands.

      If you are using Windows Authentication mode, use the following commands: 

      USE <saasdb>;
ALTER ROLE db_owner ADD MEMBER <domain\username>; GO

      Make sure that you replace <saasdb> with your database name and <domain\username> with the relevant domain and user name.

      If you are using SQL Server Authentication mode, use the following commands: 
      USE <saasdb>;
ALTER ROLE db_owner ADD MEMBER <loginusername>; GO

      Make sure that you replace <saasdb> with your database name and <loginusername> with the relevant user name.

  • Take the appropriate snapshots.
    • Take a snapshot of each VMware Identity Manager appliance in your deployment.
    • If you are using an external Microsoft SQL database, take a snapshot or backup of the external database.
  • Confirm that SSL certificates requirements are met.

    If you are using VMware Identity Manager with VMware vRealize Automation 8.3, configure SSL certificates following the instructions in Enable Tenant-In-Host Name Multi-Tenancy with vRealize Automation 8.4.

  • If you are upgrading using the updateoffline.hzn script and your deployment includes a proxy server, disable the proxy server.

    The way you disable the proxy server depends on the underlying operating system. VMware Identity Manager 3.3.2 uses the SUSE Linux Enterprise Server (SLES) operating system, which includes the YaST utitlity. VMware Identity Manager 3.3.3 and later uses the Photon operating system, which does not include the YaST utility.

    If you are upgrading from 3.3.2, use the YaST utility as follows:
    Disable the proxy server from the command line.
    1. Run the following command. 
      yast2

      The YaST2 Control Center dialog box opens.

    2. Select Network services.
    3. Select Proxy.

      The Proxy Configuration dialog box opens.

    4. If selected, deselect Enable proxy.
    5. Quit the YaST2 utility.

      After a successful upgrade, enable the proxy server again.

    If you are upgrading from 3.3.3 or 3.3.4, perform the steps that follow.
    Disable the proxy server from the admin console.
    1. Log in to the VMware Identity Manager console and navigate to the Appliance Settings > VA Configuration page.
    2. Click Manage Configuration, log in with the admin user password, and click Proxy Configuration.
    3. Disable Proxy.
    4. Click Save.
  • Verify that at least 10 GB of free disk space (/dev/sda) are available on the virtual appliance.
  • Ensure that the directory space requirements for an offline upgrade are met.
    Table 1. Directory Space Requirements for Upgrading from 3.3.2 Directly to 3.3.5
    Directory Minimum Available Space
    / 2 GB
    /var 3GB
    Note: If you download the dualbootupdate.tar.gz file to the /var directory, a minimum of 7 GB of available space is required.
    Directory where you download the dualbootupdate.tar.gz file, if applicable 7 GB

    You need to download the dualbootupdate.tar.gz file if you plan to perform an offline upgrade using vRealize Suite Lifecycle Manager.
    Table 2. Directory Space Requirements for Upgrading from 3.3.3 or 3.3.4 to 3.3.5
    Directory Minimum Available Space
    / 4 GB
  • If you are upgrading directly from VMware Identity Manager 3.3.2, download the VMware Identity Manager Service Virtual Appliance Dual Boot Update from the VMware Identity Manager 3.3.5 product download page on my.vmware.com and save the file to any directory in the VMware Identity Manager virtual appliance.

    VMware Identity Manager 3.3.3 switched from the SUSE Linux Enterprise Server (SLES) operating system to the VMware Photon™ operating system. Therefore, VMware Identity Manager 3.3.3 and 3.3.4 already use Photon, but 3.3.2 does not. The VMware Identity Manager Service Virtual Appliance Dual Boot Update download contains the dualbootupdate.tar.gz file, which includes the Photon operating system and its packages. The upgrade process uses the dualbootupdate.tar.gz file when migrating the operating system from SLES to Photon.