7 Upgrading MyID

This chapter contains important information on upgrading your MyID system. The upgrade procedure you must carry out depends on what version of MyID you are upgrading.

7.1 Before you upgrade

Note: Before you upgrade your MyID system to the current version of MyID, contact Intercede customer support quoting reference SUP-300 for advice on upgrading your particular configuration.

Check section 5, Additional hardware and software requirements to make sure that your system supports the latest version of MyID, and section 6, Pre-installation configuration to make sure that your system has been configured correctly. The MyID Installation Assistant automatically checks that your system meets these requirements; alternatively, you can use the System Interrogation Tool to confirm that your system meets the requirements for the current version of MyID – see the System Interrogation Utility guide for details.

Make sure that your client workstations are correctly configured; see section 5.2, Client workstation. For example, make sure that the MyID website has not been added to the list of compatibility view sites on any of your client PCs.

MyID 12.0 introduced the authentication user account. If you are upgrading a MyID 11.8 or earlier system, you must create this user before you run the installation program; see section 6.1.5, MyID Authentication account for details. If you are using SQL Authentication, you must also create an additional login to be used for the authentication database; see the Prerequisites section in the Microsoft Azure Integration Guide.

7.1.1 Selecting features when upgrading

In the MyID Installation Assistant, on the Select Roles and Features screen (see section 2.7, Selecting the server roles and features) make sure that the list of features you want to install is correct. The MyID Installation Assistant interrogates the registry for details of the features that are already installed, but the registry does not contain details of every feature.

You may also want to install new features that were not available in your previous version of MyID.

If you do not have a record of the features installed on a server, you can run the installation program for the already-installed version of MyID and select the Modify option. The Server Roles and Features screen lists what you have installed.

Note: The options in this installation program do not correspond exactly to the options displayed in the MyID Installation Assistant; the MyID Installation Assistant displays a list of options that has been organized to make it clear which options are optional. In addition, the Web Server option in the Modify process incorporates both the Web Server and Operator Client Web Services options in the MyID Installation Assistant; this option has been split in the MyID Installation Assistant to allow for greater flexibility when installing MyID.

See section 8.4, Modifying the installation for details of running the modify process.

7.1.2 Upgrading a split-tier system

If you are upgrading a system where the application server and web server are installed on different physical machines, you must upgrade the application server before you upgrade the web server; this allows you to upgrade the web server using the updated COM+ proxies from the application server.

7.1.3 Upgrading systems with edited appsettings.Production.json files

Important: The installation program may uninstall and reset the contents of any appsettings.Production.json files you have edited. You must back up any appsettings.Production.json files on your system and restore their settings after you have upgraded MyID.

7.1.4 Upgrading systems with custom LDAP mappings

If the MyID system you are upgrading has custom LDAP mappings, before you upgrade you must set a configuration option to prevent the installation program from overwriting your existing settings.

To retain your custom LDAP mappings while upgrading:

From the Configuration category, select Operation Settings.
On the LDAP tab, select the following:
- Custom LDAP mappings – set to Yes.
Click Save changes.

IKB-150 – Upgrading can reset LDAP mapping

If you are upgrading from a system earlier than MyID 10.7 that was connected to another LDAP directory type, the Custom LDAP mappings option will not be available, and configuration settings regarding attribute mapping may be reset to the Active Directory values.

Specifically, if mappings have been removed as the directory does not have an equivalent field, these will be re-added with ADS values. Existing mappings that are modified should remain unchanged, and custom additional field mappings should not be removed.

For more information on working around this issue, contact customer support, quoting reference IKB-150.

7.1.5 Upgrading systems with a web server outside the domain

If your system has been configured to use a web server outside the domain used for the rest of the MyID system, the custom configuration on the MyID application components presents some complications when upgrading. If your system meets this description, you are recommended to contact customer support quoting reference SUP-242.

7.1.6 Upgrading systems with customized configuration files

If you have made any changes to configuration files, such as the myid.config file for the various MyID web services, you must back up these files before you start the upgrade process, and merge in the changes once you have completed the new installation.

7.1.7 Upgrading systems with multiple databases

Your MyID system may have multiple databases; for example, a separate audit database, a separate audit archive database, or a binary objects database. You configure MyID to point to the appropriate database by configuring its .udl files; you are recommended to back up the MyID .udl files in the Windows SysWOW64 folder (for 32-bit MyID before version 12.0.0) or System32 folder (for 64-bit MyID from 12.0.0 on) before you upgrade MyID.

7.1.8 Authentication user

The MyID Authentication user is a new user account introduced at MyID 12.0. If you are upgrading from an earlier version, you must set up this authentication user account before you run the installation program.

See section 6.1.5, MyID Authentication account for details.

7.1.9 Authentication database

The authentication database is a new database introduced at MyID 12.0. This database is used to store authentication information, including details of audited authentication attempts.

If you are using SQL Authentication (for SQL Azure) you must create an additional login for this database; see the Prerequisites section in the Microsoft Azure Integration Guide for details.

7.1.10 Upgrading systems with multiple instances of the Certificate Server service

If you are upgrading from a 32-bit version of MyID to a 64-bit version of MyID, and your system uses multiple instances of the MyID Certificate Server (eCertificateSrv) service, you must back up your registry before starting the upgrade, then set up your additional service instances again after installing MyID, using the 64-bit Program Files path. See the Multiple Certificate Server Services guide (available on request from Intercede customer support).

7.1.11 Upgrading systems with customized services

If you are upgrading from a 32-bit version of MyID to a 64-bit version of MyID, and your system has customizations applied to the services through the registry, you must back up your registry before starting the upgrade, then set up your customizations again after installing MyID.