Subscribe
Notes on upgrading Windows Servers (including domain controllers) when AuthLite is installed.
In-place upgrade
You can perform an in-place upgrade of Windows Server without damaging any AuthLite data stored on your domain.
- For safety, back up the existing key data with the following procedure:
- Open the AuthLite Data Manager
- Click the domain node for your domain name
- Click into the right pane, and select all records or press ctrl-A
- Go to File->Export Keys, and save the key data to an XML file
- You should not need that XML file if all goes well, but put it in a safe place off of the server.
- After completing the Windows upgrade, run the AuthLite installer again and select "Repair". This will refresh shortcuts in the start menu, and other installation settings.
- All AuthLite accounts and settings should remain as they were prior to the upgrade.
- After the upgrade, please REMOVE the backed up XML file, as it contains sensitive OTP data.
Migrating to different servers
If you will move to entirely new servers instead of doing in-place upgrades of your existing servers, then you must manually migrate the AuthLite data. However, if you are upgrading domain controllers one at a time and keeping the same domain data throughout the process, you don't need to back up/restore the AuthLite key data from the Data Manager.
On the old server:
- Back up the existing key data with the following procedure:
- Open the AuthLite Data Manager
- Click the domain node for your domain name
- Click into the right pane, and select all records or press ctrl-A
- Go to File->Export Keys, and save the key data to an XML file
- Note that if you are upgrading domain controllers one at a time and keeping the same domain data throughout the process, you don't need to back up/restore the AuthLite Data Manager data.
- There is not currently a way to export settings from the AuthLite Configuration tool, so make a note of your existing settings.
On the new server:
- Install AuthLite
- In the AuthLite Configuration app, go through each dialog and set proper values as you had in your old domain.
- If moving to a fresh domain, open the AuthLite Data Manager, and import the XML file from the old server via File->Import Keys. This will restore all data that associates users and keys.
- IMPORTANT note for AuthLite version 1.x: If you had AuthLite Integrated users on the old domain, and you create new user accounts (even if they have the same names as the old accounts did), the AuthLite "integration" will not carry over to the new user accounts. Integrate them again on the new server via the change password screen. If this would be too much trouble, consider doing an in-place domain upgrade so that your user accounts will be migrated intact.
- After the upgrade, please REMOVE the backed up XML file, as it contains sensitive OTP data.