Manage Migration Limitations

Depending on your migration, you may need to complete the following additional tasks after running the Gateway Migration Utility (GMU). Many of these migration limitations do not generate error messages.
Depending on your migration, you may need to complete the following additional tasks after running the Gateway Migration Utility (GMU). Many of these migration limitations do not generate error messages.
Not Migrated
Resolution
LDAP user certificates
Right-click your LDAP Identity Provider, search identity provider,
and import new certificates for users.
Internal user password history
No workaround.
Group membership data
Users and groups are migrated, but
group membership
is not. For the Federated Identity Providers (FIPs), add users to groups.
FIPs virtual groups
Create virtual groups and add users.
Private key special purpose flags
Access Private Key Properties, click
Mark as Special Purpose
, and reassign the appropriate keys.
Default HTTP proxy settings
Run Manage HTTP Options and update the settings.
Policy versions and their comments
Only the active version is migrated. You can use a version comment in
migrateIn
to set a generic comment for all create/updated.
Custom and modular assertions
Custom and modular assertion.aar and .jar files must be present before
migrateIn
or migration may not succeed. Put .aar or .jar files in the following directories:
  • Modular assertions
    : /opt/SecureSpan/Gateway/runtime/modules/assertions
  • Custom assertions
    : /opt/SecureSpan/Gateway/runtime/modules/lib
Default password rules
Run Manage Password Policy and redefine the rules.
ESM-related data
Fix in the Enterprise Service Manager.
UDDI-related data
Run Manage UDDI Registries.
Note:
UDDI support is deprecated in
Layer7 API Gateway
.
Service resolution configurations
Licenses
Log sink configuration
Metrics and audits
No workaround.
Kerberos configurations
HSM private keys
For instructions, see Troubleshooting, "Error: Execution failed. Reason: Internal Server Error. Detail: Could not retrieve private key for export"
Cluster wide property when used in an encapsulated assertion
Cluster wide property values that are used as input of an encapsulated assertion are not migrated. The workaround is to set a variable in the policy that references the cluster wide property and include the local context variable in the encapsulated assertion.