Background - Currently we have IDM version 12.5 SP10 with about 2500 global users. We utilize password self-service / sync and have AD (3 endpoints), SQL DB (7 endpoints), Oracle DB (7 endpoints), and UNIX ETC (50 endpoints). For AD, we currently are only using the password self-service / sync; however, soon we would like to begin using provisioning roles to create AD accounts, assign AD groups, and create exchange mailboxes. One of the Oracle endpoints we have configured a template and corresponding provisioning role to create account, assign it to roles in the DB, and we push the users AD password to this endpoint - about 1500 users have an account in this endpoint. We are not doing much with the SQL DB's at this point in time; however, we would like to set up something similar to what we have for Oracle endpoint mentioned previously. For UNIX ETC we are currently only using it to manually create accounts (via provisioning manager tool) and manage UNIX passwords. We do not push the AD password to the UNIX endpoints though we would also like to do this. We do have RCM (aka GovernanceMinder), but we have not integrated IDM with it yet.
1 - We are planning to upgrade IDM to 12.6 SP3... I am reading through the volumes of documentation, but is there anything in particular we should be aware of while migrating from 12.5.10 to 12.6.3? Any tips or guidance would be appreciated.
2 - Currently our IDM environment is supported on 3 servers... One server runs JBOSS IDM App Server, another server runs CA Directory, CA Connector Server, and all the Provisioning components, and the third server is a SQL 2005 DB. Given the background info above, should we add more servers to our environment? The user console / password self-service runs VERY SLOW. Also the connectors are very flaky...constantly loosing connectivity. I am thinking maybe we should break out the Connectors to their own server or multiple? We do not want to add any functionality to this environment until we have upgraded and performance is better.
Any input would be greatly appreciated!