Before you upgrade the VMware Identity Manager virtual appliance online, perform these prerequisite tasks.

  • To prevent a potential network loss, perform the steps in https://kb.vmware.com/s/article/83587.
  • To capture the entire state of the virtual appliance before you update, take a snapshot of your virtual appliance.

    For information about how to take snapshots, see the vSphere Virtual Machine Administration guide.

  • If you are upgrading from VMware Identity Manager 3.3.2, you must first perform an offline upgrade from 3.3.2 to 3.3.5 and then upgrade from 3.3.5 to 3.3.6. For the 3.3.2 to 3.3.5 upgrade, you must shut down the entire Elasticsearch cluster by running the service elasticsearch stop command on each node.

    Shutting down the entire Elasticsearch cluster allows the Elasticsearch version to upgrade while preventing mismatched versions from running.

    For more information about upgrading from version 3.3.2 to 3.3.5, see Upgrading to VMware Identity Manager 3.3.5 (Linux).

  • If you revoked the db_owner role on the Microsoft SQL database, as described in the 3.3 version of the Installing and Configuring VMware Identity Manager for Linux guide, you must add it back before performing the upgrade, otherwise upgrade fails.

    Add the db_owner role to the same user that was used during installation:

    1. Log in to the Microsoft SQL Server Management Studio as a user with sysadmin privileges.
    2. Connect to the database instance for VMware Identity Manager.
    3. Enter the following commands.

      If you are using Windows Authentication mode, use the following commands: 

      USE <saasdb>;
ALTER ROLE db_owner ADD MEMBER <domain\username>; GO

      Make sure that you replace <saasdb> with your database name and <domain\username> with the relevant domain and user name.

      If you are using SQL Server Authentication mode, use the following commands: 
      USE <saasdb>;
ALTER ROLE db_owner ADD MEMBER <loginusername>; GO

      Make sure that you replace <saasdb> with your database name and <loginusername> with the relevant user name.

  • Take the appropriate snapshots.
    • Take a snapshot of each VMware Identity Manager appliance in your deployment.
    • If you are using an external Microsoft SQL database, take a snapshot or backup of the external database.
  • Verify that the virtual appliance can resolve and reach vapp-updates.vmware.com on ports 80 and 443 over HTTP.
  • If an HTTP proxy server is required for outbound HTTP access, configure the proxy server settings for the virtual appliance. See Configure Proxy Server Settings for the VMware Identity Manager Appliance.
  • Confirm that SSL certificates requirements are met.

    If you are using VMware Identity Manager with VMware vRealize Automation 8.4, configure SSL certificates following the instructions in Enable Tenant-In-Host Name Multi-Tenancy with vRealize Automation 8.4.

  • Verify that at least 10 GB of free disk space (/dev/sda) are available on the virtual appliance.
  • Ensure that the directory space requirements for an online upgrade are met.
    Table 1. Directory Space Requirements for Upgrading from 3.3.2 to 3.3.5
    Directory Minimum Available Space
    / 2 GB
    /var 3GB
    Note: If you download the dualbootupdate.tar.gz file to the /var directory, a minimum of 7 GB of available space is required.
    Directory where you download the dualbootupdate.tar.gz file, if applicable 7 GB

    You need to download the dualbootupdate.tar.gz file if you plan to perform an offline upgrade using vRealize Suite Lifecycle Manager.
    Table 2. Directory Space Requirements for Upgrading from 3.3.3, 3.3.4, or 3.3.5 to 3.3.6
    Directory Minimum Available Space
    / 4 GB
  • If you are upgrading from VMware Identity Manager 3.3.2, you must first perform an offline upgrade from 3.3.2 to 3.3.5, and then upgrade from 3.3.5 to 3.3.6. For the 3.3.2 to 3.3.5 upgrade, you must download the VMware Identity Manager Service Virtual Appliance Dual Boot Update from the VMware Identity Manager 3.3.5 product download page on my.vmware.com and save the file to any directory in the VMware Identity Manager virtual appliance.

    VMware Identity Manager 3.3.3 switched from the SUSE Linux Enterprise Server (SLES) operating system to the VMware Photon™ operating system. Therefore, VMware Identity Manager 3.3.3, 3.3.4, 3.3.5, and 3.3.6 already use Photon, but 3.3.2 does not. The VMware Identity Manager Service Virtual Appliance Dual Boot Update download contains the dualbootupdate.tar.gz file, which includes the Photon operating system and its packages. The upgrade process uses the dualbootupdate.tar.gz file when migrating the operating system from SLES to Photon.

    For more information about upgrading from version 3.3.2 to 3.3.5, see Upgrading to VMware Identity Manager 3.3.5 (Linux).