Not Migrated

Resolution

LDAP user certificates

Right-click your LDAP Identity Provider, search identity provider,

 

and import new certificates for users.

Internal user password history

No workaround.

Group membership data

Users and groups are migrated, but 

group membership

 is not. For the Internal Identity Provider (IIP) and Federated Identity Providers (FIPs), add users to groups.

FIPs virtual groups

Create virtual groups and add users.

Private key special purpose flags

Access Private Key Properties, click 

Mark as Special Purpose

, and reassign the appropriate keys.

Default HTTP proxy settings

Run Manage HTTP Options and update the settings.

Policy versions and their comments

Only the active version is migrated. You can use a version comment in 

migrateIn

 to set a generic comment for all create/updated.

Custom and modular assertions

Default password rules

Run Manage Password Policy and redefine the rules.

ESM-related data

Fix in the Enterprise Service Manager.

UDDI-related data

Run Manage UDDI Registries 

Service resolution configurations

Run Manage Service Resolution 

Licenses

Run Manage Gateway Licenses 

Log sink configuration

Run Manage Log/Audit Sinks 

Metrics and audits

No workaround.

Kerberos configurations

Run Manage Kerberos Configuration 

HSM private keys

For instructions, see Troubleshooting, "Error: Execution failed. Reason: Internal Server Error. Detail: Could not retrieve private key for export"

Cluster wide property when used in an encapsulated assertion

Cluster wide property values that are used as input of an encapsulated assertion are not migrated. The workaround is to set a variable in the policy that references the cluster wide property and include the local context variable in the encapsulated assertion.