How to Upgrade CPM to v2.2.x and Integrate It With Identity Providers such as Active Directory & OktaAs data governance and compliance becomes increasingly critical, we know how important it is for Enterprises and Public Sector entities to have complete control of data flow within an organization. We wanted these enterprises to have full and effective control of who can access CPM, and we wanted events like the employee termination process to be worry-free, with minimal administration and without any risk of permission breaches. For organizations grappling with backup and recovery woes of their AWS resources, N2WS offers N2WS Backup & Recovery (CPM), a cloud-native backup, recovery, and disaster recovery solution built specifically for AWS. Legacy solutions don’t work out in terms of cost, reliability, and speed. Human error and knowledge transfer stemming from home-grown scripts are becoming an increasing and crucial risk for data security and stewardship. With CPM, you can automatically back up data as frequently as needed and recover data at a faster pace than with traditional backup solutions. CPM is a reliable and cost-effective service with a simple administration that does not require a lot of technical expertise. With our latest release, CPM 2.2.x, CPM can now support integration with all SAML based identity providers such as Okta, LDAP and Microsoft Active Directory Federation Services (AD FS). This key feature will reduce administrative tasks and simplify the lives of end users who no longer need to remember multiple usernames and passwords to log in to numerous applications. Not only does this offer more convenient, centralized control, it enhances data governance and stewardship by managing permissions as well as automating the employee termination process. In this how-to guide, we’ll walk through the upgrade path from older versions (including any necessary precautions) and the steps needed to integrate with SAML-based Identity providers, using Okta as a use case.
How to UpgradePrior to upgrading to the new version of CPM, terminate the current CPM instance. Then, start a new one. Complete the following steps:
Step 1Using the EC2 console option, launch a new instance in the same region and Availability Zone as the previous one.
Step 2Terminate the old instance—make sure that the backup is not running while initiating termination.
Step 3To be on the safe side, create a CPM data volume snapshot by clicking the “Create snapshot” hyperlink. This snapshot can be useful in case the upgrade process fails. Once the CPM server is up and running, the snapshot can be deleted.
Step 4With the new instance in the running state, connect it to a browser via HTTPS.
Step 5Select the existing data volume from the dropdown list and paste it into AWS credentials.
Step 6The new CPM version will be up and running as soon as the configuration has finished selecting the old data volume from all the available volumes.
Step 7If your backup scripts are using SSH, you may need to run the scripts manually by logging in to the CPM Server, to accept the usage of the private key. There are multiple upgrade paths, depending on the CPM version you are running. To upgrade v2.0.2, first apply the patch “patch_2.0.2_required_for_2.1.0_upgrade.tar”, then apply the latest patch. On top of the CPM version, agent versions must also be upgraded – the latest agent version is 2.11. Please refer to the User Guide for upgrading agents and policies. Don’t worry if you mistakenly apply the same patch twice; this is completely safe and won’t cause any disruption to your environment. A word of caution: do not apply patches while backups, restorations, or disaster recovery processes are running.
How to Integrate with SAML-based Identity ProvidersCPM version 2.2.x supports integration with all SAML based identity providers (IdP). With the help of this integration, user authentication happens at IdP level, providing a seamless login to CPM. The main configuration steps involved in this integration are configuring IdP to work with CPM, and configuring CPM to work with IdP.
Configuring IdP to Work With CPM – Okta Use CaseWe will now show you how to configure CPM to work with Okta—a SAML based leading provider of identity to enterprises. Okta supports more than 5000 integrations and provides simple and secure access to a large number of enterprises.
Step 1Log in to the Okta organization using admin credentials. If you don’t have access, sign up at the developer portal.
- Go to the feedback tab in App Wizard.
- Select “I’m a software vendor. I’d like to integrate my app with Okta.” to add CPM to the Okta Integration Network (OIN).
- Click “Submit your app for review.” You will now be redirected to the OIN Manager.