Skip to main content
Version: On prem: 15.0.1

Upgrade steps

info

Before upgrading, make sure that you have followed all required procedures described in the Upgrade guides section.

Upgrade software on all servers where Omada Identity is installed.

Upgrade Omada Identity Enterprise Server portal

To upgrade Omada Identity Enterprise Server:

  1. Uninstall the old version of Omada Identity Enterprise Server first, and then install the new version of Enterprise Server. After installation is completed, select the Show the Windows Installer log option and if necessary, save the log file.

  2. Run the Omada Enterprise Configuration Utility.

    • When you are prompted, enter the connection string that you saved. Then, click OK.

    • Click OK again to upgrade the database, then when the Setup complete message appears, click OK, and close the configuration utility.

      info

      At this point, in the Windows registry, ensure you enter the PswEncryptionKey that you copied.

note

If you have modified the web.config file, it won't be updated during the upgrade of Enterprise Server. In consequence, the Omada Identity application may not start or you may see the following error(s):

Could not load file or assembly 'Microsoft.Owin, Version=2.1.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies.The located assembly's manifest definition does not match the assembly reference.(Exception from HRESULT: 0x80131040)

To fix the problem, go to C:\Program Files\Omada Identity Suite\Enterprise Server\website\web.config and replace the content of <configuration><runtime><assemblyBinding> with the following <dependentAssembly> elements:

dependentAssembly elements
<runtime>
   <generatePublisherEvidence enabled="false"/>
   <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
     <dependentAssembly>
       <assemblyIdentity name="Microsoft.Kiota.Abstractions" publicKeyToken="31BF3856AD364E35" culture="neutral"/>
       <bindingRedirect oldVersion="0.0.0.0-1.7.5.0" newVersion="1.7.5.0"/>
     </dependentAssembly>
     <dependentAssembly>
       <assemblyIdentity name="System.Security.Cryptography.ProtectedData" publicKeyToken="B03F5F7F11D50A3A" culture="neutral"/>
       <bindingRedirect oldVersion="0.0.0.0-4.0.5.0" newVersion="4.0.5.0"/>
     </dependentAssembly>
     <dependentAssembly>
       <assemblyIdentity name="System.Security.AccessControl" publicKeyToken="B03F5F7F11D50A3A" culture="neutral"/>
       <bindingRedirect oldVersion="0.0.0.0-6.0.0.0" newVersion="6.0.0.0"/>
     </dependentAssembly>
     <dependentAssembly>
       <assemblyIdentity name="System.Threading.Channels" publicKeyToken="CC7B13FFCD2DDD51" culture="neutral"/>
       <bindingRedirect oldVersion="0.0.0.0-6.0.0.0" newVersion="6.0.0.0"/>
     </dependentAssembly>
     <dependentAssembly>
       <assemblyIdentity name="System.Net.Http.Json" publicKeyToken="CC7B13FFCD2DDD51" culture="neutral"/>
       <bindingRedirect oldVersion="0.0.0.0-6.0.0.0" newVersion="6.0.0.0"/>
     </dependentAssembly>
     <dependentAssembly>
       <assemblyIdentity name="Microsoft.Extensions.Primitives" publicKeyToken="ADB9793829DDAE60" culture="neutral"/>
       <bindingRedirect oldVersion="0.0.0.0-6.0.0.0" newVersion="6.0.0.0"/>
     </dependentAssembly>
     <dependentAssembly>
       <assemblyIdentity name="Microsoft.Extensions.Http" publicKeyToken="ADB9793829DDAE60" culture="neutral"/>
       <bindingRedirect oldVersion="0.0.0.0-6.0.0.0" newVersion="6.0.0.0"/>
     </dependentAssembly>
     <dependentAssembly>
       <assemblyIdentity name="Azure.Core.Amqp" publicKeyToken="92742159E12E44C8" culture="neutral"/>
       <bindingRedirect oldVersion="0.0.0.0-1.3.0.0" newVersion="1.3.0.0"/>
     </dependentAssembly>
     <dependentAssembly>
       <assemblyIdentity name="Azure.Identity" publicKeyToken="92742159e12e44c8" culture="neutral"/>
       <bindingRedirect oldVersion="0.0.0.0-1.11.2.0" newVersion="1.11.2.0"/>
     </dependentAssembly>
     <dependentAssembly>
       <assemblyIdentity name="Microsoft.Spatial" publicKeyToken="31BF3856AD364E35" culture="neutral"/>
       <bindingRedirect oldVersion="0.0.0.0-7.12.3.0" newVersion="7.12.3.0"/>
     </dependentAssembly>
     <dependentAssembly>
       <assemblyIdentity name="Microsoft.OData.Edm" publicKeyToken="31BF3856AD364E35" culture="neutral"/>
       <bindingRedirect oldVersion="0.0.0.0-7.12.3.0" newVersion="7.12.3.0"/>
     </dependentAssembly>
     <dependentAssembly>
       <assemblyIdentity name="Microsoft.OData.Core" publicKeyToken="31BF3856AD364E35" culture="neutral"/>
       <bindingRedirect oldVersion="0.0.0.0-7.12.3.0" newVersion="7.12.3.0"/>
     </dependentAssembly>
     <dependentAssembly>
       <assemblyIdentity name="Newtonsoft.Json" publicKeyToken="30ad4fe6b2a6aeed" culture="neutral"/>
       <bindingRedirect oldVersion="0.0.0.0-13.0.0.0" newVersion="13.0.0.0"/>
     </dependentAssembly>
     <dependentAssembly>
       <assemblyIdentity name="System.Web.Http" publicKeyToken="31bf3856ad364e35" culture="neutral"/>
       <bindingRedirect oldVersion="0.0.0.0-5.2.8.0" newVersion="5.2.8.0"/>
     </dependentAssembly>
     <dependentAssembly>
       <assemblyIdentity name="System.Net.Http.Formatting" publicKeyToken="31bf3856ad364e35" culture="neutral"/>
       <bindingRedirect oldVersion="0.0.0.0-5.2.8.0" newVersion="5.2.8.0"/>
     </dependentAssembly>
     <dependentAssembly>
       <assemblyIdentity name="Microsoft.Owin" publicKeyToken="31bf3856ad364e35" culture="neutral"/>
       <bindingRedirect oldVersion="0.0.0.0-4.2.2.0" newVersion="4.2.2.0"/>
     </dependentAssembly>
     <dependentAssembly>
       <assemblyIdentity name="Microsoft.Owin.Security" publicKeyToken="31bf3856ad364e35" culture="neutral"/>
       <bindingRedirect oldVersion="0.0.0.0-4.2.2.0" newVersion="4.2.2.0"/>
     </dependentAssembly>
     <dependentAssembly>
       <assemblyIdentity name="Microsoft.ApplicationInsights" publicKeyToken="31bf3856ad364e35" culture="neutral"/>
       <bindingRedirect oldVersion="0.0.0.0-2.20.0.103" newVersion="2.20.0.103"/>
     </dependentAssembly>
     <dependentAssembly>
       <assemblyIdentity name="Microsoft.IdentityModel.Tokens" publicKeyToken="31bf3856ad364e35" culture="neutral"/>
       <bindingRedirect oldVersion="0.0.0.0-7.2.0.0" newVersion="7.2.0.0"/>
     </dependentAssembly>
     <dependentAssembly>
       <assemblyIdentity name="Microsoft.IdentityModel.Logging" publicKeyToken="31bf3856ad364e35" culture="neutral"/>
       <bindingRedirect oldVersion="0.0.0.0-7.2.0.0" newVersion="7.2.0.0"/>
     </dependentAssembly>
     <dependentAssembly>
       <assemblyIdentity name="System.Diagnostics.DiagnosticSource" culture="neutral" publicKeyToken="cc7b13ffcd2ddd51"/>
       <bindingRedirect oldVersion="0.0.0.0-6.0.0.1" newVersion="6.0.0.1"/>
     </dependentAssembly>
     <dependentAssembly>
       <assemblyIdentity name="System.Runtime.CompilerServices.Unsafe" culture="neutral" publicKeyToken="b03f5f7f11d50a3a"/>
       <bindingRedirect oldVersion="0.0.0.0-6.0.0.0" newVersion="6.0.0.0"/>
     </dependentAssembly>
     <dependentAssembly>
       <assemblyIdentity name="Microsoft.Bcl.AsyncInterfaces" culture="neutral" publicKeyToken="cc7b13ffcd2ddd51"/>
       <bindingRedirect oldVersion="0.0.0.0-6.0.0.0" newVersion="6.0.0.0"/>
     </dependentAssembly>
     <dependentAssembly>
       <assemblyIdentity name="System.Threading.Tasks.Extensions" publicKeyToken="CC7B13FFCD2DDD51" culture="neutral"/>
       <bindingRedirect oldVersion="0.0.0.0-4.2.0.1" newVersion="4.2.0.1"/>
     </dependentAssembly>
     <dependentAssembly>
       <assemblyIdentity name="System.Buffers" publicKeyToken="CC7B13FFCD2DDD51" culture="neutral"/>
       <bindingRedirect oldVersion="0.0.0.0-4.0.3.0" newVersion="4.0.3.0"/>
     </dependentAssembly>
     <dependentAssembly>
       <assemblyIdentity name="Omada.Identity.Integration.Model" publicKeyToken="fd90371937d85573" culture="neutral"/>
       <bindingRedirect oldVersion="0.0.0.0-15.0.22.0" newVersion="15.0.22.0"/>
     </dependentAssembly>
     <dependentAssembly>
       <assemblyIdentity name="Omada.Identity.Integration.Common" publicKeyToken="fd90371937d85573" culture="neutral"/>
       <bindingRedirect oldVersion="0.0.0.0-15.0.22.0" newVersion="15.0.22.0"/>
     </dependentAssembly>
     <dependentAssembly>
       <assemblyIdentity name="System.ComponentModel.Annotations" culture="neutral" publicKeyToken="b03f5f7f11d50a3a"/>
       <bindingRedirect oldVersion="0.0.0.0-4.2.1.0" newVersion="4.2.1.0"/>
     </dependentAssembly>
     <dependentAssembly>
       <assemblyIdentity name="System.ValueTuple" culture="neutral" publicKeyToken="cc7b13ffcd2ddd51"/>
       <bindingRedirect oldVersion="0.0.0.0-4.0.3.0" newVersion="4.0.3.0"/>
     </dependentAssembly>
     <dependentAssembly>
       <assemblyIdentity name="System.Numerics.Vectors" publicKeyToken="b03f5f7f11d50a3a" culture="neutral"/>
       <bindingRedirect oldVersion="0.0.0.0-4.1.4.0" newVersion="4.1.4.0"/>
     </dependentAssembly>
     <dependentAssembly>
       <assemblyIdentity name="System.Memory" publicKeyToken="cc7b13ffcd2ddd51" culture="neutral"/>
       <bindingRedirect oldVersion="0.0.0.0-4.0.1.2" newVersion="4.0.1.2"/>
     </dependentAssembly>
     <dependentAssembly>
       <assemblyIdentity name="System.Text.Encodings.Web" publicKeyToken="cc7b13ffcd2ddd51" culture="neutral"/>
       <bindingRedirect oldVersion="0.0.0.0-6.0.0.0" newVersion="6.0.0.0"/>
     </dependentAssembly>
     <dependentAssembly>
       <assemblyIdentity name="System.Memory.Data" culture="neutral" publicKeyToken="cc7b13ffcd2ddd51"/>
       <bindingRedirect oldVersion="0.0.0.0-1.0.2.0" newVersion="1.0.2.0"/>
     </dependentAssembly>
     <dependentAssembly>
       <assemblyIdentity name="Microsoft.Extensions.DependencyInjection.Abstractions" publicKeyToken="adb9793829ddae60" culture="neutral"/>
       <bindingRedirect oldVersion="0.0.0.0-6.0.0.0" newVersion="6.0.0.0"/>
     </dependentAssembly>
     <dependentAssembly>
       <assemblyIdentity name="Microsoft.Extensions.DependencyInjection" publicKeyToken="adb9793829ddae60" culture="neutral"/>
       <bindingRedirect oldVersion="0.0.0.0-6.0.0.0" newVersion="6.0.0.0"/>
     </dependentAssembly>
     <dependentAssembly>
       <assemblyIdentity name="System.Text.Json" publicKeyToken="cc7b13ffcd2ddd51" culture="neutral"/>
       <bindingRedirect oldVersion="0.0.0.0-6.0.0.9" newVersion="6.0.0.9"/>
     </dependentAssembly>
     <dependentAssembly>
       <assemblyIdentity name="System.Threading.Tasks.Extensions" publicKeyToken="cc7b13ffcd2ddd51" culture="neutral"/>
       <bindingRedirect oldVersion="0.0.0.0-4.2.0.1" newVersion="4.2.0.1"/>
     </dependentAssembly>
     <dependentAssembly>
       <assemblyIdentity name="Azure.Core" publicKeyToken="92742159e12e44c8" culture="neutral"/>
       <bindingRedirect oldVersion="0.0.0.0-1.39.0.0" newVersion="1.39.0.0"/>
     </dependentAssembly>
     <dependentAssembly>
       <assemblyIdentity name="Microsoft.IdentityModel.Abstractions" publicKeyToken="31bf3856ad364e35" culture="neutral"/>
       <bindingRedirect oldVersion="0.0.0.0-7.2.0.0" newVersion="7.2.0.0"/>
     </dependentAssembly>
     <dependentAssembly>
       <assemblyIdentity name="Microsoft.IdentityModel.JsonWebTokens" publicKeyToken="31bf3856ad364e35" culture="neutral"/>
       <bindingRedirect oldVersion="0.0.0.0-7.2.0.0" newVersion="7.2.0.0"/>
     </dependentAssembly>
     <dependentAssembly>
       <assemblyIdentity name="System.IdentityModel.Tokens.Jwt" publicKeyToken="31bf3856ad364e35" culture="neutral"/>
       <bindingRedirect oldVersion="0.0.0.0-7.2.0.0" newVersion="7.2.0.0"/>
     </dependentAssembly>
     <dependentAssembly>
       <assemblyIdentity name="Omada.Identity.Integration.ApiClient" publicKeyToken="fd90371937d85573" culture="neutral"/>
       <bindingRedirect oldVersion="0.0.0.0-14.0.56.0" newVersion="14.0.56.0"/>
     </dependentAssembly>
     <dependentAssembly>
       <assemblyIdentity name="Microsoft.Extensions.Options" publicKeyToken="ADB9793829DDAE60" culture="neutral"/>
       <bindingRedirect oldVersion="0.0.0.0-6.0.0.0" newVersion="6.0.0.0"/>
     </dependentAssembly>
     <dependentAssembly>
       <assemblyIdentity name="Microsoft.IdentityModel.Protocols.OpenIdConnect" publicKeyToken="31BF3856AD364E35" culture="neutral"/>
       <bindingRedirect oldVersion="0.0.0.0-7.2.0.0" newVersion="7.2.0.0"/>
     </dependentAssembly>
     <dependentAssembly>
       <assemblyIdentity name="Microsoft.IdentityModel.Protocols" publicKeyToken="31BF3856AD364E35" culture="neutral"/>
       <bindingRedirect oldVersion="0.0.0.0-7.2.0.0" newVersion="7.2.0.0"/>
     </dependentAssembly>
   </assemblyBinding>
 </runtime>

Upgrade Omada Data Warehouse

  1. Create a backup of the files Omada ODW WebService.dtsConfig and Omada ODW ConnectionString.dtsConfig.
  2. Start the Omada Data Warehouse.x64 SQL 20xx installer.
  3. Follow the upgrade steps in the installation wizard.
  4. Reapply the previously backed-up files Omada ODW WebService.dtsConfig and Omada ODW ConnectionString.dtsConfig.

Add a new record to dbo.tblApplicationSetting

Add a new record to the dbo.tblApplicationSetting table. This record specifies the path where the Omada Data Warehouse (ODW) is installed.

note

If the record is not created, the system defaults to the path C:\Program Files\Omada Identity Suite\Datawarehouse\.

To add a record to the table, perform the following script:

INSERT INTO [dbo].[tblApplicationSetting]
([ID], [Key], [Description], [ValueStr], [Type])
VALUES
(
  (SELECT MAX([Id]) + 1 FROM [dbo].[tblApplicationSetting]), 
  'installationFolder', 
  'The Folder where the ODW is installed', 
  '{PathToTheFolder}', 
  0
)

Upgrade Omada Role and Policy Engine

  1. Uninstall the old version of Omada Identity Role and Policy Engine.
  2. Install the new version.
  3. Compare the RoPE C:\Program Files\Omada Identity Suite\Role and Policy Engine\Service\ConfigFiles file with the previous version. This is necessary because the file can be altered by the code extension update.
info

If you have any custom RoPE extensions, you must remove or manually upgrade those before starting Omada Role and Policy Engine Service.

Upgrade standard collectors package

The following standard collectors are applied with the standard collectors package:

  • REST
  • Active Directory
  • Flat file CSV
  • SQL
  • LDAP
  • SOAP
  • SAP Access Data
  • SAP HCM

To install a Connectivity Package in your installation of Omada Identity, follow the steps below:

  1. Go to Omada Identity Product Downloads on the Omada HUB -> Connectivity-> Omada.Connectivity.StandardCollectors

    Download the Omada.Connectivity.StandardCollectors package from the Omada HUB.

  2. Extract the contents of the downloaded ZIP file to a known folder, for example, C:\Users\administrator\Downloads\.

  3. Run the Command Prompt (cmd) as the administrator.

  4. Navigate to the folder where you extracted the Package and to the Registration Utility folder within, for example, C:\Users\administrator\Downloads\RegistrationUtility.

  5. Register the connectivity using the Register Connectivity tool supplied with the package. Register the Connectivity package using Omada Identity OData API.

    Using the integrated authentication, run the following command:

    "Omada.SDK.RegisterConnectivity.exe" -F
    "
    C:\Users\administrator\Downloads
    \Omada.Connectivity.
    <name>.15.0.0.<XX>\Artifacts\Registration\Registration.xml" -url
    "<url>/odata"

    where:

    • C:\Users\administrator\Downloads\ is changed to the actual location where you extracted the Connectivity package

    • <name> is the name of the downloaded Connectivity package

    • <XX> is the actual version of the downloaded Connectivity package

    • <url> is the actual URL to your Omada Identity OData API endpoint

    If you are a Data Administrator, you can perform the registration in the context of another user. To do so, run the following command:

    "Omada.SDK.RegisterConnectivity.exe" -F
    "
    C:\Users\administrator\Downloads
    \Omada.Connectivity.
    <name>.15.0.0.<XX>\Artifacts\Registration\Registration.xml" -url
    "<url>/odata" -user "<user>" -pwd "<password>"

    where:

    • C:\Users\administrator\Downloads\ is changed to the actual location where you extracted the Connectivity package

    • <name> is the name of the downloaded Connectivity package

    • <XX> is the actual version of the downloaded Connectivity package

    • <url> is the actual URL to your Omada Identity OData API endpoint

    • <user> is your actual administrator username

    • <password> is your actual password

  6. Go one folder up (to C:\Users\administrator\Downloads\Omada.Connectivity.<name>.15.0.0.<XX>) and run the command:

    powershell . ./deploy.ps1

    info

    The deploy.ps1 script copies binaries to the appropriate places. It starts and stops services, if necessary, for example OPS and ES Timer Services. It is necessary to run the script on all servers hosting ES, ODW or OPS.

  7. Run the Enterprise Server and go to Setup -> Administration -> Connectivity -> Packages and check if the installed Connectivity package is on the Package list.

note

The Register Connectivity tool is also a part of the Connectivity SDK. You can find more details on the tool in the SDK Connectivity guide.

Upgrade Omada Data Preview

  1. Start the Omada Preview Service installer. Run the installer as an Administrator.
  2. Follow the upgrade steps in the installation wizard.

Verify installed applications (optional)

  1. Open the control panel on the server.

  2. Select Uninstall program.

  3. Verify that all Omada applications are in the appropriate, most current version.

Start the application

info

During the first startup of the application, a set of update actions are executed. If the first startup of the application is the website, there can be a timeout challenge when applying update actions depending on the amount of data being updated. As such, it it recommended to run the ChangeSetImportUtil.exe command line utility with the -K parameter before starting up the website as it will install all core packages/changesets and apply update actions.

Start ODW

  1. In the ES Audit database, reapply the script CreateObjects.OISAudit.sql located in C:\Program Files\Omada Identity Suite\Datawarehouse\Support files.

    note

    If you used SQL server authentication for the ODW connection strings in the dtsConfig file, you need to encrypt the connection strings first. However, it is recommended that you switch to integrated security instead.

  2. Start the Import configuration import profile, either from the ES portal or by using the PowerShell script C:\Program Files\Omada Identity Suite\Datawarehouse\Support Files\ImportConfiguration.ps1.

  3. Wait until the configuration import finalizes.

Start the Enterprise Server

  1. Start the ES portal and application pool.

  2. Open the ES portal.

    Please allow the required time for the portal to apply automatic updates.

note

After upgrading, you must update all Standard Application packages that are already installed to the newest version. If you do not do this, the application will not work as expected. You can update the packages directly from the web UI.

The total number of changes in the upgrade and the number of successfully imported packages may differ, since some of the changes are discarded during the upgrade.

Start Omada Identity Windows services

  • Omada Provisioning Service

    • Check the event log for errors.

    • From the Enterprise Server Portal, go to any system or dashboard where provisioning using Omada Provisioning Service is enabled, and select Commit setting.

      note

      The way OPS represents the connector data model in the OPS database has changed. The changes are made to avoid clashes on object type and property types.

  • Omada Identity Suite Timer Service

    • Check the event log for errors.

Start Omada Role and Policy Engine Service

  • Check the event log for errors.