Using vRealize Suite Lifecycle Manager, you can migrate VMware Identity Manager.
Prerequisites
- The SMTP information of the source tenant must be configured on the Global Environment of VMware Identity Manager. This information is required to receive email instructions to reset the password for all local users. Prior to tenant migration, all local users in the source tenant must have valid email IDs.
- For custom group migration, you must enable remote connection from the Global Environment of VMware Identity Manager to the vRealize Automation 7.x database. Refer to KB 81219 for more information on enabling remote connection.
- Ensure that you have DNS configured in vRealize Automation and VMware Identity Manager.
- Ensure that the source vRealize Automation 7.x environment is in a healthy state and directories are synced before tenant migration.
Procedure
- On the My Services dashboard of vRealize Suite Lifecycle Manager, click Identity and Tenant Management.
- Select Tenant Management, and then click Tenant Migrations.
- Read the information on VMware Identity Manager Tenant Migration and vRealize Automation Tenant Mapping, and then click Continue.
- On the Environment Selection tab, select the Source Environment and Target Environment.
Based on your source and the target environment selection, you can view a tabular representation of the available tenants on the source vRealize Automation. You can also view the status of the migrated or merged tenants on the vRealize Automation 8 environment.
- Click Next.
- On the Tenant Migration Workflow page, you can view the workflow of Tenant Migration and Tenant Merge, and understand the correlation between the two operations.
vRealize Suite Lifecycle Manager also creates 7.x endpoint when adding a new tenant on vRealize Automation 8 environment. In Tenant Merge, the directories and tenants are already created on the source vRealize Automation 8 environment. vRealize Suite Lifecycle Manager creates the 7.x endpoint to the existing tenants on vRealize Automation 8 environment, so that you can migrate the business groups, infrastructure, and other specific tenants on vRealize Automation.
- Click SAVE AND NEXT and read the list of manual steps which must be performed to proceed with the migration. Select the check box to confirm that you have read and verified the prerequisites and limitations.
- To specify the Tenant Migration Workflow, enter these details on the Tenant Details tab.
- Select the Source Tenant.
The source tenants listed are not the migrated or merged tenants.
- Enter the Tenant Name.
- Under Target Tenant administrator details, enter the Target Tenant Username, First Name, Last Name, valid Email ID, and Password.
Note: To migrate a directory is a one-time operation, select all the directories which must be migrated. If the required directories are not selected during migration, you have to perform this operation manually.
- Click SAVE AND NEXT.
- To specify a directory that must be migrated from the source vRealize Automation 7 version to vRealize Automation 8 version tenant, select one of these directories on the Directory Migration tab.
- System Directory: Connector selection and password creation are not required.
- JIT directory: Connector selection and password creation are not required.
- Active Directory over LDAP: Select a Windows or Linux target Connector and enter the Bind Password.
- OpenLDAP: Select a Windows or Linux target Connector and enter the Bind Password.
- Active Directory with IWA: You can only select a Windows target Connector for the VMware Identity Manager version 3.3.3. Enter the Bind Password and Domain Admin Password that is required for migration.
Note:
- For a FIPS-enabled VMware Identity Manager version 3.3.5, the AD users and bind user password should be of length fourteen characters.
- To migrate a directory is a one-time operation, select all the directories which must be migrated. If the required directories are not selected during migration, you have to perform this operation manually.
- Click Validate. After a successful validation, click SAVE AND NEXT.
- Click Run Precheck to validate the tenant details and certificate details. Click SAVE AND NEXT.
- On the Summary Step tab, you can view the summary of your selections.
- Click SUBMIT if your validations are successful.
If the validations are not successful and you want to make changes, and then resume the tenant migration operation, click SAVE AND EXIT. The same wizard can be opened anytime to rerun the precheck to proceed.
You can view the tenant migration details under the Request Details page. Both VMware Identity Manager and vRealize Automation tenants can be accessed through its tenant FQDNs.