IBM Support

IBM Security Privileged Identity Manager fix pack 2.1.0-ISS-ISPIM-VA-FP0008

Download


Abstract

This fix pack for IBM Security Privileged Identity Manager, Version 2.1.0 contains fixes.

Download Description

You can upgrade the following versions of  IBM Security Privileged Identity Manager directly to Fix Pack 8:

To upgrade from To Method
Any one of the following IBM Security Privileged Identity Manager versions:
  • Version 2.1.0 GA
  • Version 2.1.0 with Fix Pack 3
  • Version 2.1.0 with Fix Pack 6
  • Version 2.1.0 with Fix Pack 7
 IBM Security Privileged Identity Manager Version 2.1.0 with Fix Pack 8
Choose any of the following methods:
  • USB
  • FileUpload Tool
See the following pages for more information about upgrading by using any of the following methods:
This fix pack corrects security vulnerabilities and the following issues that are found in IBM® Security Privileged Identity Manager 2.1.0 release:  
  • APAR IV85749
    Unable to disable SNMP in ISPIM dashboard.
  • APAR IJ00391
    PIM 2.1 VA LMI does not display all properties when the page size is less than the total number of properties.
  • APAR IJ02221
    SNMP configuration is not editable.

Prerequisites

This fix pack contains the following files:

  • 2.1.0-ISS-ISPIM-VA-FP0008.pkg (The IBM Security Privileged Identity Manager v2.1.0, Fix Pack 8 file)
  • 2.1.0-ISS-ISPIM-VA-FP0008.pkg.md5 (md5 sum for the 2.1.0-ISS-ISPIM-VA-FP0008.pkg file)
     

Before you install Fix Pack 8, back up the existing Virtual Appliance:

  • Use the hypervisor or VMWare client to take a snapshot of the external data tier (Directory Server and Database system)
  • Take a snapshot of the Virtual Appliance by performing one of the following methods:

Installation Instructions

IMPORTANT

After you install the firmware with the Command Line Interface (CLI), ensure that the installation process is completed before you perform any of the following options:

  • Restart the virtual appliance
  • Apply a subsequent fix pack

You can verify that the installation process is completed by performing one of the following actions:

  • From the CLI: 
    Wait for the login prompt to be displayed on the CLI.
  • From the LMI:
    1. Login to the Appliance Dashboard.
    2. Navigate to Monitor > Logs > Event log. If the installation is successful, the log shows 
The update ispim_<pkg file name> was successful.

Upgrading the standalone virtual appliance for deployments with VMware ESXi

See  Installing the fix pack by using the FileUpload Tool.

Upgrading the virtual appliance cluster for deployments with VMware ESXi

Important: The required ISO files for clustered deployments are downloadable from updated images on Passport Advantage. Download the updated images from Passport Advantage and learn more from the February 2019 eAssembly update of the download document .
  1. Stop the member nodes.
  2. Remove member nodes from the cluster.
    1. In the primary node, from the Appliance Dashboard, click Configure > Manage Cluster.
    2. Select the nodes and remove them.
  3. Upgrade the primary node. See Installing the fix pack by using the FileUpload Tool
  4. Verify that the primary was successfully upgraded. 
  5. Create new member virtual appliances, with the same version as the upgraded primary node by performing the following steps: 
    1. Deploy IBM Security Privileged Identity Manager version 2.1.0.8 by using the IBM Security Privileged Identity Manager v2.1 Virtual Appliance for VMware ESXi with Fix Pack 8 image (2.1.0-ISS-ISPIM-VA-FP0008.iso). 
    2. Perform the initial set up of the Virtual appliance : Set up the virtual appliance
    3. Connect the member node to the upgraded primary : Setup member node
  6. Modify the load balancer configuration with the changes, if required.

Upgrading the standalone virtual appliance for deployments with Citrix XenServer

Upgrading the virtual appliance cluster for deployments with Citrix XenServer

Important: The required VHD files for clustered deployments are downloadable from updated images on Passport Advantage. Download the updated images from Passport Advantage and learn more from the  February 2019 eAssembly update of the download document .
  1. Stop the member nodes.
  2. Remove member nodes from the cluster.
    1. In the primary node, from the Appliance Dashboard, click Configure > Manage Cluster.
    2. Select the member nodes and remove them.
  3. Upgrade the primary node. See Upgrading the virtual appliance standalone for deployments with Citrix XenServer. 
  4. Verify that the primary was successfully upgraded. 
  5. Create new member virtual appliance(s), with the same version as the upgraded primary node by performing the following steps: 
    1. Deploy IBM Security Privileged Identity Manager version 2.1.0.8 by using the IBM Security Privileged Identity Manager v2.1 Virtual Appliance for Citrix XenServer with Fix Pack 8 image (2..1.0-ISS-ISPIM-VA-FP0008_vhd.zip). 
    2. Perform the initial set up of the Virtual appliance : Set up the virtual appliance
    3. Connect the member node to the upgraded primary : Setup member node
  6. Modify the load balancer configuration with the changes, if required. 
 

Installing the fix pack by using the FileUpload Tool


Procedure

  1. Copy the tool to a system where Java is already installed. Java version 1.7 is recommended. See IBM Security Identity Virtual Appliance Firmware Update Transfer Utility version 2.1 .
    Note: You can use the Java version 1.7 installed with many IBM products, such as WebSphere Application Server.
  2. Copy the firmware update (pkg) file, obtained from IBM Fix Central to the file system. See  IBM Security Identity Virtual Appliance Firmware Update Transfer Utility version 2.1 .
  3. Run the the following command to upload the ispim_2.1.0.8_90.pkg file. 

    java -jar FileUpload_2.1.0.jar pimva.ibm.com:9443 admin <password for admin account> <path to>/temptrust.jks WebAS <path to upgrade package>.pkg
    -
    For example:
    Windows
    C:\Upg>java -jar FileUpload_2.1.0.jar pimva.ibm.com:9443 admin admin c:\Upg\temptrust.jks WebAS c:\Upg\2.1.0-ISS-ISPIM-VA-FP0008.pkg
    Linux
    java -jar FileUpload_2.1.0.jar pimva.ibm.com:9443 admin admin /work/temptrust.jks WebAS /Downloads/2.1.0-ISS-ISPIM-VA-FP0008.pkg

    You see the following message when the upload is successful:
    Upload completed successfully.
     
  4. After the 2.1.0-ISS-ISPIM-VA-FP0008.pkg file is transferred, use the following appliance CLI to install the firmware:
    ispim > upgrade > install
  5. When you are prompted, type the reboot command and press Enter to restart the virtual system by using Partition 2. Partition 2 is now the active partition.
    The results are as follows:
    - After the virtual appliance restarts from the Partition 2, all Partition 1 configuration information is applied to the Partition 2.
    - After the configuration is applied to the virtual appliance, the log in prompt is displayed in the CLI.
  6. Access the dashboard at https://<hostname>:9443. It indicates you must restart the virtual appliance.
  7. Restart the virtual appliance to complete the upgrade process.
  8. Verify the fix pack version of the virtual appliance by accessing https://<hostname>:9443/about.

Troubleshooting

If you still have problems connecting to the LDAP server over SSL, after you apply the fix pack, complete the following steps: 

  1. Restore the virtual appliance to the snapshot that was taken before Fix Pack 8 was applied.
  2. Reapply Fix Pack 8.

On
[{"DNLabel":"2.1.0-ISS-ISPIM-VA-FP0008","DNDate":"04 Feb 2019","DNLang":"English","DNSize":"2695368611","DNPlat":{"label":"Appliance","code":"PF004"},"DNURL":"https://www-945.ibm.com/support/fixcentral/swg/downloadFixes?parent=Security%2BSystems&product=ibm/Tivoli/IBM+Security+Privileged+Identity+Manager&release=2.1.0&platform=Linux&function=fixId&fixids=2.1.0-ISS-ISPIM-VA-FP0008&includeRequisites=1&includeSup","DNURL_FTP":"","DDURL":null}]
[{"Product":{"code":"SSRQBP","label":"IBM Security Privileged Identity Manager"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"--","Platform":[{"code":"PF004","label":"Appliance"}],"Version":"2.1.0","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]

Document Information

Modified date:
08 February 2019

UID

ibm10870200

Page Feedback