In addition to the following prerequisites, ensure that you also meet the hardware and software requirements for Administration Console. See NetIQ Access Manager System Requirements.
A new IP address that will be used temporarily during the primary Administration Console migration.
Timeout Per Protected Resource (TOPPR) is enabled and applied in Access Gateway. In Administration Console, click Devices > Access Gateways > Edit, then click Enable Timeout Per Protected Resource.
If the Enable Timeout Per Protected Resource option has already been applied, it is not displayed.
The time of primary and secondary Administration Consoles time is synchronized. You can ensure this by configuring the machines to use the same network time server for time synchronization.
The health status for all devices in Administration Console is green.
For more information, see Monitoring Server Health
in the NetIQ Access Manager 5.0 Administration Guide.
Physical access to the server or server console (in case of VMWare setups) as a root user and you are familiar with iptables.
The required ports are opened in the firewall. For more information about ports, see Section 1.8.1, Required Ports.
Note down the contracts selected under the Satisfies contract list of SAML 2.0 and Liberty identity providers. These are under Devices > Identity Servers > Edit > [Protocol] > [Identity Provider] > Authentication Card.
You must manually configure these contracts after migration. This configuration will be effective after the Identity Server migration is done.
The hostname of the new 5.0.x Administration Console must be different from the existing 4.5.x primary and secondary Administration Consoles.
Ensure that the \etc\hosts file of the system where you are installing Access Manager has the hostname and IP address for the new Administration Console server. If the hostname of Administration Console is not listed in DNS, the hosts file is used to resolve the hostname of the machine to a valid IP address.
Ensure that the following RHEL RPMs are installed on the machine:
ncurses-libs.i686
createrepo
yum-utils
ntp
glibc.i686
nss-softokn-freebl.i686
libgcc.i686
libstdc++.i686
rsyslog.x86_64
rsyslog-gnutls.x86_64
unzip
bind-utils
net-tools
zip
net-snmp
expat
For installing RHEL packages manually, see Installing Packages and Dependent RPMs on RHEL for Access Manager.
NOTE:You can select to install these RPMs automatically along with Access Manager installation. While installing Access Manager, specify N when you get the following prompt:
Enter the local mount directory if you have the OS ISO mounted locally. This will be used as the local catalog for the additional rpms. Do you have a locally mounted ISO (y/n)?
The Access Manager installer checks the online catalog and then installs the required RPMs automatically.