Manualshelf

Troubleshooting guide

ManualsBrandsRSA Security ManualsServer6.1
41424344454647484950
2: Planning For Migration 47
RSA Authentication Manager 6.1 to 8.1 Migration Guide
Data Migration to a Specific Security Domain
In Custom Mode, you can choose to migrate the data to a specific security domain.
For example, when multiple version 6.1 realms are migrated into a single version 8.1
top level security domain, you may want to maintain some of the existing structure by
creating lower-level security domains for each version 6.1 realm, and migrating the
data to the lower-level security domain.
The Super Admin can migrate data into any security domain in the deployment. If
lower-level administrators are migrating the data in the dump file, they can only
migrate the data into a security domain over which they have administrative scope. In
such a case, the Operations Console displays only those security domains.
Logon Name Conversion from NTLM to UPN
In Custom Mode, version 8.1 can access and store user logon names in the UPN
(User Principal Name) format. An example of a UPN-formatted name is
auser@domain.com. Version 6.1 stores user logon names in the Windows NT LAN
Manager (NTLM) format, for example, DOMAIN\auser. You can map
NTLM-formatted names to an equivalent UPN-formatted name, so that authentication
requests from existing authentication agents can be processed.
If you choose not to perform any mapping, be aware that existing agents may not be
able to authenticate users.
Migration of Self-Service and Provisioning Data
RSA Deployment Manager, the self-service and provisioning solution provided by
RSA for previous versions of Authentication Manager, has been discontinued. Token
provisioning has been integrated into the Security Console and user self-service has
been integrated into the Self-Service Console.
Deployment Manager data is not migrated to the Self-Service Console. As a result, if
you are licensed to use the provisioning features of Deployment Manager, you must
make sure that all pending provisioning requests have been processed before you
migrate to version 8.1. Once you migrate, any pending requests are lost. You must
notify the users who made the requests that they will need to make another request
once the Self-Service Console is properly configured.
The token provisioning feature requires an Enterprise Server license.
Version 8.1 does provide predefined approver and distributor roles that you can assign
to administrators responsible for handling account and token requests.