Manualshelf

Troubleshooting guide

ManualsBrandsRSA Security ManualsServer6.1
41424344454647484950
2: Planning For Migration 41
RSA Authentication Manager 6.1 to 8.1 Migration Guide
Choosing a Migration Path
One of the most important steps in migration is choosing the correct migration path.
Choose one of these methods:
Migrate version 6.1 data to the version 8.1 deployment using the same hostnames
and IP addresses as your existing version 6.1 deployment. For more information,
see Migration with the Same Hostname and IP Address
on page 41.
Migrate version 6.1 data to the version 8.1 deployment using new hostnames and
IP addresses. For more information, see Migration with a New Hostname and IP
Address on page 41.
When you migrate to version 8.1, you must decide if you want to continue using the
same hostname and IP address for each instance. There are advantages and
disadvantages to either method.
Migration with the Same Hostname and IP Address
Using the same hostname and IP address can save you the time and effort of updating
your authentication agents, because you do not need to generate and distribute new
configuration (sdconf.rec) files to each agent.
However, your Authentication Manager servers will be unavailable when you remove
the existing version 6.1 deployment from the network and add the new version 8.1
deployment using the same name and IP address. You can minimize the impact by
deploying version 8.1 in a test environment. You can then shut down the existing
version 6.1 deployment and immediately move the version 8.1 deployment from the
test environment to your live network. Deploying version 8.1 in a test environment
ensures that any issues are discovered and resolved prior to going live.
If possible, RSA recommends that you remove the sdstatus.12 file to avoid having
agents attempt to contact servers that may be unavailable due to migration. Removing
this file eliminates cached server availability information that may cause temporary
delays in agent operation.
Migration with a New Hostname and IP Address
Using a new hostname and IP address for your version 8.1 deployment requires
additional time to generate and distribute new configuration files to each
authentication agent. The configuration file contains the new hostname and IP
address. Until you do this, users cannot authenticate, because the authentication agents
do not know the hostname and IP address of the version 8.1 instance. Therefore, the
agents cannot send authentication requests to the correct Authentication Manager.
Consider the number of agents in your deployment and the length of time it will take
to update all of them.
You will also need to reestablish each existing cross-realm relationship.