You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

Deepnet DualShield is a very different platform from Deepnet Unified Authentication Platform (DUAP 3.x), from the server point of view. The main difference is the way they handle the user accounts. With DUAP 3.x, you would have imported all your user accounts from your AD to your Deepnet server. With DualShield, you will not need to. This is a major difference.

There is no upgrade path, you will have to migrate from DUAP to DualShield by exporting your user accounts and their tokens from Deepnet 3.x and importing them into DualShield.

A good point is that you will be able to run DUAP and DualShield in parallel, during the migration process. So you won't risk of interruption in the process. You will only switch over until DualShield is fully implemented, tested and ready to launch.

The migration utility, das-mig-1.0.zip, is available on our web site. You can download and extract it to a folder on your DUAP server.

Assuming that the installation folder of your DUAP server is at "C:\Program Files\Deepnet Authentication Server", then simply execute the batch file "runimg.bat" which will display below in the Command Console:

>set JAVA_HOME=C:\Program Files\Deepnet Authentication Server\jre
>set CLASSPATH=das-mig-1.0.jar;deepnet-common.jar;groovy-all-1.7.8.jar;log4j-1.2.15.jar;msbase.jar;mssqlserver.jar;msutil.jar;mysql-connector-java-5.1.7-bin.jar
>"C:\Program Files\Deepnet Authentication Server\jre\bin\java" -cp %CLASSPATH% com.deepnet.das.mig.Main "C:\Program Files\Deepnet Authentication Server\Tomcat\conf\server.xml"

If the installation folder of your DUAP server is not at "C:\Program Files\Deepnet Authentication Server", then you will need to edit "runimg.bat" and replace ""C:\Program Files\Deepnet Authentication Server" with the correct path.

The utility will output following files:

  • assignment.csv
  • tokens.xml
  • users.xml 

assignment.csv (token assignment - relationship between user and token) 

"domain","loginName","manufacturerCode","productCode","serial"
"2x","test","DN","SE","10001280"
"2x","test","DN","ME","77004287"

tokens.xml (token seed,like MobileID)

<dualshieldtokens>

<data>

    <header>

        <manufacturerCode>DN</manufacturerCode>

        <productCode>ME</productCode>

        <encode>HEX</encode>

        <encrypt>NONE</encrypt>

  </header>

  <tokens>

    <token>

        <serial>77004287</serial>

        <privSeed>1459044027</privSeed>

        <counter>1</counter>

    </token>

  </tokens>

</data>

<data>

    <header>

        <manufacturerCode>DN</manufacturerCode>

        <productCode>MT</productCode>

        <encode>HEX</encode>

        <encrypt>NONE</encrypt>

    </header>

    <tokens>

        <token>

            <serial>77004279</serial>

            <privSeed>9463326578</privSeed>

            <drift></drift>

        </token>

    </tokens>

</data>

</dualshieldtokens>

users.csv (account list)

appName,appID,loginName,userName,password,isLdap,email,mobile,description
"Security Officers","$SO$","sm","Security Manager","changeit",false,"","",
"Security Manager" "2x","2x","test","test user","",false,"","","" 
"parkoffice","parkoffice","alan.walter","alan walter","",true,"","",""


Import into DualShield

The user file (users.csv) is redundant if you are using LDAP identity source, you can just ignore it. If your identity source is SQL type, then you can import it through User Tab.

You may need to modify the appName so that it is consistent with the one already defined in V5x platform.

The token and assignment files are used in Token Management. You can import those tokens extracted from V3x into the new platform

After that, you can restore the token relationship (which person the token belongs to) by Assign Token, Again, you may need to modify the file assignment.csv to make sure the domain is identical to one  you have defined in the new platform.