Migrating IdentityServer and ASP.NET Identity Core to AdminUI
If you have an existing IdentityServer or ASP.NET Identity Core setup then you will need to run script based migrations on their respective databases before being able to apply the AdminUI migrations.
The migration scripts provided work for versions 2.5.4 and 3.1.2 of IdentityServer4 and versions 2.1, 2.2 and 3.1 of ASP.NET Identity Core, before running them you must migrate your databases to the latest version of these libraries. The scripts are only available for SqlServer and would need to be modified to run for PostgreSql or MySql.
Before running the migrations scripts you will need to backup your databases as there is no rollback script available from this point.
To migrate your ASP.NET Identity Core schema to then be able to run further migrations you can use the script found here: Migration script.
This requires you to have all AspNetUserClaims records to have a ClaimType value and will add columns and tables to your database. Once the script has finished running you can apply the Identity migration from the AdminUI Migrations section.
To migrate your IdentityServer schema to then be able to run further migrations you can use the script found here: Migration script.
Once the script has finished running you can apply the Configuration, ExtendedConfiguration and Operational migrations from the AdminUI Migrations section.
AdminUI comes with a tool to run all the necessary migrations. Alongside its own migrations, AdminUI can optionally run and maintain your IdentityServer4 and or Identity migrations, or you can handle them yourself. If you own SAML2P or WS-Fed, and wish to use its respective features within AdminUI, you will need to run their migrations.
By navigating to your AdminUI install directory and locating the IdentityExpress.Manager.Api.dll you can you run the dll using
dotnet IdentityExpress.Manager.Api.dll -migrate <migration-to-run>
AdminUI has a number of different migrations that need to be run, you can run one individually or choose to run them all at once.
The different migrations options are:
|All||Runs all the migrations (Recommended for Demo users)|
|Configuration||IdentityServer4 Configuration Migration|
|ExtendedConfiguration||AdminUI IdentityServer4 extension|
|Operational||IdentityServer4 Operational migration|
|Identity||ASP Identity Migration|
|Audit||RSK AdminUI Audit Migration|
|Saml||SAML2P Component migration|
|WsFed||Ws-Federation Component migration|
|DataProtection||DataProtection Key Migration (used if protecting cookies with a Database)|
A help function may be accessed by adding -help
You may also specify a connection string and which database provider you are you using with -connectionstring and -dbprovider. The connection string must be valid and surrounded by quotes. If no connectionstring and dbprovider are given, the migration tool will look in the Api’s webconfig for the values.
If the container is not running and you would like to run migrations use the following command
docker run -e "DbProvider=<YourProvider>" -e "IdentityConnectionString=<YourConnectionString>" -e IdentityServerConnectionString="<YourConnectionString>" --entrypoint dotnet identityserverregistry.azurecr.io/idxapi IdentityExpress.Manager.Api.dll -migrate all
Note - The full list of configuration options is avaliable here
If the container is already running the steps to run migrations are as follows:
- Find the container ID by running the “docker container ps” command
- Once found, you can exec the command as follows:
docker exec <container-id> dotnet IdentityExpress.Manager.Api.dll -migrate all
Note - This will use the environment variables already passed into the container.
You will see the output of the migrations in your command line window.