You need guidance upgrading to 15.5 in Linux Redhat.
The following is a high-level overview of the contents of the Upgrade Guide.
Download Symantec_DLP_Update_Readiness_Tool-September2019.zip from portal
Go to Downloads directory
cp Symantec_DLP_Update_Readiness_Tool-September2019.zip ../DLPDownloadHome/DLP/15.5/
chmod 777 Symantec_DLP_Update_Readiness_Tool-September2019.zip
cp * - r /opt/Symantec/DataLossPrevention/EnforceServer/15.5/Protect/Migrator/URT
Log on to SQL*Plus using the Symantec Data Loss Prevention database user name and
Run the following:
FOR rec IN (SELECT * FROM user_jobs) LOOP
dbms_job.broken( rec.job, true);
Verify all jobs are unscheduled by running the following:
Select count(*) from user_job
Count should show as 0
Creating the Update Readiness tool database account
Before you can run the Update Readiness tool, you must create a database account.
To create the new Update Readiness tool database account
Navigate to /root/DLPDownloadHome/DLP/15.5/script
Log back into SQL plus
Run the oracle_create_user.sql script:
At the Please enter the password for sys user prompt, enter the password for the SYS
At the Please enter Service Name prompt, enter a user name. AKA: protect
At the Please enter required username to be created prompt, enter a name for the new AKA: protectURT
At the Please enter a password for the new username prompt, enter a password for
the new upgrade readiness database account.
Use the following guidelines to create an acceptable password:
■ Passwords cannot contain more than 30 characters.
■ Passwords cannot contain double quotation marks, commas, or backslashes.
■ Avoid using the & character.
■ Passwords are case-sensitive by default. You can change the case sensitivity through
an Oracle configuration setting.
■ If your password uses special characters other than _, #, or $, or if your password
begins with a number, you must enclose the password in double quotes when you
Store the user name and password in a secure location for future use. You use this user
name and password to run the Update Readiness tool.
Log into sqlplus protect as sysdba
conn sys/<password>@protect as sysdba
GRANT READ,WRITE ON directory DATA_PUMP_DIR TO [schema user name];
GRANT SELECT ON dba_registry_history TO [schema user name];
GRANT SELECT ON dba_temp_free_space TO [schema user name];
Install New JRE:
Go to Downloads
chmod 777 Symantec_DLP_15.5_Platform_Lin-IN_220.127.116.1118.zip
cp ServerJRE.zip /opt/temp
chmod 777 symantec-dlp-server-jre-1-8-0-181-18.104.22.168-17018.x86_64.rpm
rpm -ivf symantec-dlp-server-jre-1-8-0-181-22.214.171.124-17018.x86_64.rpm
Go to downloads home
CP Symantec_DLP_Update_Readiness_Tool-September2019.zip /opt/Symantec/DataLossPrevention/EnforceServer/15.5/Protect/Migrator/URT
Chmod 777 Symantec_DLP_Update_Readiness_Tool-September2019.zip
Run the following command:
"/opt/Symantec/DataLossPrevention/ServerJRE/1.8.0_181/bin/java" UpdateReadinessTool --username protect --password Protectdemo2019 --readiness_username protecturt --readiness_password protect --sid protect
cat <the name of the output file> verify no errors.
If upgrading from version previous to 15.1 you must switch to service name:
Switching from SID to SERVICE_NAME
Before you upgrade to Symantec Data Loss Prevention 15.1 you switch the Oracle SID to
SERVICE_NAME. You cannot complete the migration process if you do not switch to the
To switch from SID to SERVICE_NAME, you update the tnsnames.ora file to point to the
SERVICE_NAME, and then register the service name change on the database.
After you switch to the SERVICE_NAME parameter, you can upgrade. See the Symantec Data
Loss Prevention Upgrade Guide. This guide is available online at the Symantec Support Center
Switch from SID to SERVICE_NAME
Update the tnsnames.ora file to point to the SERVICE_NAME.
Switching from SID to SERVICE_NAME
1 Locate the tnsnames.ora file.
The file is located at $ORACLE_HOME/network/admin on Linux.
2 Back up the tnsnames.ora file before you update it.
3 On Linux, switch to the Oracle user by running the following command:
su - oracle
4 Stop the listener by running the following command:
You can skip this step if the database is already stopped.
Preparing to upgrade Symantec Data Loss Prevention 19
Preparing the Oracle database for a Symantec Data Loss Prevention upgrade
5 Open the tnsnames.ora file.
6 Change SID to SERVICE_NAME for the protect value, where protect is your current SID.
The Protect section should read as follows:
(ADDRESS_LIST =(ADDRESS = (PROTOCOL = TCP)(HOST = 127.0.0.1)(PORT = 1521)))
(SERVICE_NAME = protect)
Register the service name
Registering the service name change on the database
1 On Linux, export data for the SID by running the following command:
su - oracle
2 Launch SQL Plus by running the following command:
3 Connect to the database by running the following command:
conn sys/protect as sysdba
4 Set the service name by running the following command:
alter system set service_names = 'protect' scope=both;
Where protect is your new SERVICE_NAME.
5 Set the registry by running the following command:
alter system register;
6 Verify that the protect users uses the SERVICE_NAME parameter by running the following
select value from v$parameter where name like '%service_name%';
Where service_name is the SERVICE_NAME parameter that connects to the Oracle database.
The SERVICE_NAME value protect displays in the command prompt.
Verify and grant permissions to Oracle
Conn sys/<db password>@protect as sysdba
GRANT read, write ON directory data_pump_dir TO protect;
GRANT SELECT ON dba_registry_history TO protect;
GRANT SELECT ON dba_temp_free_space TO protect;
GRANT SELECT ON v_$version TO protect;
GRANT EXECUTE ON dbms_lob TO protect;
Sign rpm file
rpm --import Symantec_DLP_RPM_Signing_Key.asc
cp EnforceServer.zip /opt/temp
Confirm file dependencies for RPM files by running the following command:
rpm -qpR *.rpm
remove exiting package:
Install all RPM files in the folder by running the following command:
rpm -ivf *.rpm
Running the Migration Utility
Accept the path to the JRE
Choose installation 1
The upgrade should be complete, log into the console to verify.