Skip to main content

Preparing for Access Analyzer Upgrade

NOTE: Return to the main workflow page here: Access Analyzer Upgrade Workflow Articles. Proceed to the next section: Upgrading Access Analyzer.

Overview

This article lists the steps to prepare for the Access Analyzer upgrade procedure.

Upgrade Considerations

Refer to the following points to learn more about the upgrade scope:

  • The Access Information Center (AIC) should be upgraded along with Access Analyzer.
  • If you run SharePoint on-premises scans, update the SharePoint agent on the SharePoint server.
  • When upgrading from v11.5 to v11.6, re-schedule all Azure jobs due to the Entra ID rebranding.
  • When upgrading from v11.5 to v11.6, manually upgrade each proxy service instead of running the FS_UpdateProxy job.

Reference Screenshots

Take the following reference screenshots before the upgrade:

  • Installed programs (Programs and Features) via Control Panel:

    appwiz.cpl

  • License (Help > About)

  • Each of the global Settings subnodes

  • The Schedules node

    IMPORTANT: When upgrading from Access Analyzer v11.5 to v11.6 or later, pay attention to any Azure-related tasks. Recreate these tasks under the new Entra ID naming after the upgrade.

  • The job tree structure with the contents of each module

  • Query settings of the Active Directory Inventory > 1-AD_Scan job, including the Options page and the Custom Attributes page

  • Upload the Active Directory Inventory > 1-AD_Scan > Active Directory Summary report to Salesforce (Customer Account > Related > Notes & Attachments)

    IMPORTANT: Upload the screenshot to Salesforce — Customer Account > Related > Notes & Attachments.

  • Every page of the FSAA, FSAC, SEEK, SPAC, SPAA/SPSEEK scans query settings

  • Every page of the AIC settings

File Backups

Create a separate folder named NEAUpgrade_%date% to store backup files. Back up the following items:

  • Access Analyzer license file:

    %SAInstallDir%StealthAUDIT.lic

  • Host list definitions:

    %SAInstallDir%SADatabase\Views

  • All connection profiles:

    %SAInstallDir%SecurityMap

  • Global Options/Settings:

    %SAInstallDir%GlobalOptions.xml

  • Connection profiles:

    %SAInstallDir%SPProfiles.xml

  • RBA configuration:

    %SAInstallDir%rba.conf

  • Reporting RBA configuration:

    %SAInstallDir%rba-reporting.conf

  • Published reports configuration:

    %SAInstallDir%Web\WebServer.exe.config

  • Custom SDD criteria:

    %SAInstallDir%DC\MyPatternsDef.xml

  • Configured SDD criteria:

    %SAInstallDir%DC\PatternsDef.xml

  • Customized jobs:

    %SAInstallDir%Jobs

  • Certificates on the server and the ports they are bound to:

    1. Create an ssl.txt file in the NEAUpgrade_%date% folder.

    2. Hold Shift, right-click the text file, and select Copy as path.

    3. In an elevated PowerShell instance, run the following command to save the netsh output to the file:

      netsh http show ssl > %ssl.txt_location%

      Example:

      netsh http show ssl > "C:\Users\agradmin\Desktop\testfolder\ssl.txt"

  • AIC configuration:

    • In AIC v11.5:

      C:\inetpub\wwwroot\StealthAUDIT Compliance\

    • In AIC v11.6:

      C:\Program Files\STEALTHbits\Access Information Center