Login
    Contenu x
    Prepare the Destination System
    • 22 Oct 2024
    • 3 Minutes à lire
    • Sombre
      Lumière
    • PDF
    Contenu

    Prepare the Destination System

    • Mis à jour le 22 Oct 2024
    • 3 Minutes à lire
    • Sombre
      Lumière
    • PDF
    The content is currently unavailable in French. You are viewing the default English version.
    Résumé de l’article

    Configure the destination system

    When you perform a data migration, the destination system should be configured as follows:

    • Destination available. The destination product (OneSpan Authentication Server Appliance or OneSpan Authentication Server) must be running and available for administrative connections.

    • Disabled maker–checker authorization. The destination system cannot have maker–checker authorization enabled, if applicable.

    • Latest updates applied. The latest available patch for the OneSpan server software should be applied, to allow correct connection by Data Migration Tool.

    Create an administrative account

    An administrator account must be available in the destination system that is used to connect to the system and write the data. The user account must exist in the master domain and have the Access Data in All Domains administrative privilege assigned. Its administrator level must be set to the maximum value (255 on OneSpan Authentication Server, 100 on OneSpan Authentication Server Appliance).

    Additionally, the account will need permissions to read, write, create, and delete the following record types:

    • Authenticators

    • Authenticator applications

    • User accounts

    • Policies

    • Components

    • Back-end servers

    • Reports

    • Report formats

    • Domains

    • Organizational units

    We highly recommend to create and use a dedicated administrator account for data migration to avoid any issues during or after migration. Since OneSpan Authentication Server does not allow to change the permissions of the active user account, you will receive a respective error when DMT attempts to migrate the administrator account that is used to connect to the system.

    When you apply the bundle file to set OneSpan Authentication Server Appliance to migration mode, the Update wizard provides a dedicated user account that you should explicitly use for migration purposes. By default, that user account is called migration_user, unless another user account with that name already exists. In that case, it is named differently.

    Create an Administration Program client component

    If the Require administration client component registration setting is enabled in the OneSpan Authentication Server configuration, a client component record of the type Administration Program must exist for the machine on which DMT is installed.

    Verify the non-SSL SEAL connection port

    Data Migration Tool (DMT) does not support SSL connections to OneSpan Authentication Server. Verify the configuration for the OneSpan Authentication Server instance to be used by DMT.

    To verify which port is used for non-SSL SEAL connections

    1. Log in to the OneSpan Authentication Server Administration Web Interface.

    2. Connect to the OneSpan Authentication Server instance to be used.

    3. Select SYSTEM > Server Configuration.

    4. Switch to the Communicators tab and expand the SEAL Communicator (non-secure) section

    5. Verify which port is used for non-SSL SEAL connections to OneSpan Authentication Server. By default, this is 20003.

      Use this port for the data migration.

    Prepare ODBC database as data store

    The destination database must be created, and the schema extended and verified before the data migration. To extend the schema run the following command:

    dpdbadmin addschema –u dbusername –p dbpassword -d dsn

    where:

    • dbusername is the user name of the database administrator account

    • dbpassword is the corresponding password of dbusername

    • dsn is the ODBC data source name

    To verify that the schema is correct, run the dpdbadmin checkschema command.

    For more information about the dpdbadmin utility, refer to the OneSpan Authentication Server Administrator Guide, Section "ODBC Database Command-Line Utility".

    If your organization is impacted by the General Data Protection Regulation (GDPR), be aware that the destination database and connections to it must be encrypted. The OneSpan Authentication Server embedded database can be installed with data-at-rest encryption for the database, and ODBC connection encryption.

    For more information about GDPR, refer to the OneSpan Authentication ServerGeneral Data Protection Regulation Compliance Guide.

    If Windows Name Translation will be enabled during the migration, ensure that any domains to which user records may be assigned to are already created in the destination database, unless they are present in the source database. For more information, see Perform Windows name resolution.

    Verify that these key configuration settings are correct:

    • Master domain

    • Case conversion

    Typically these settings will be identical between source and destination product.

    Restart the destination system in migration mode

    Restart the destination system in migration mode (see Migration mode).

    Cet article vous a-t-il été utile ?
    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout
    ESC

    Ozzy, facilitant la découverte de connaissances grâce à l’intelligence conversationnelle