Chat now with support
Chat mit Support

Identity Manager 9.0 LTS - Operational Guide

About this guide Simulating data changes in the Manager Scheduling operations activation times Re-applying templates Exporting data with the Manager Analyzing data and data changes Analyzing process monitoring in the Manager Schedules in One Identity Manager Mail templates in One Identity Manager Password policies in One Identity Manager Working with change labels Checking data consistency Compiling a One Identity Manager database Transporting custom changes Importing data with the Data Import Importing and exporting individual files for the software update Creating a One Identity Manager database for test or development from a database backup Initializing DBQueue Processor the after extending the server hardware Command line programs

WebDesigner.InstallerCMD.exe

Using the program WebDesigner.InstallerCMD.exe, you can install and uninstall the Web Portal using the command line console.

NOTE: Run the installation using the command line console in administrator mode.

Calling syntax for installation

WebDesigner.InstallerCMD.exe

[/prov {Provider}]

/conn {Connection string}

/authprops {Authentication string}

/appname {Application name}

/site {Site}

[/sourcedir {Directory}]

[/apppool {Application pool}]

[/webproject {Web project}]

[/constauthproj {Subproject name} /constauth {Authentication}]

[/searchserviceurl {url}]

[/applicationtoken {Token}]

[/updateuser {User name} [/updateuserdomain {Domain}]

[/updateuserpassword {Password}]]

[/allowhttp {true|false}]

[-f]

[-w]

Calling syntax for uninstalling

WebDesigner.InstallerCMD.exe

[/prov {Provider}]

/conn {Connection string}

/authprops {Authentication}

/appname {Application name}

[/site {Site}]

-R

Calling syntax for uninstalling earlier Web Portal versions back to and included version 6.x

WebDesigner.InstallerCMD.exe

/appname {Application name}

[/site {Site}]

-R

Table 63: Program parameters and options

Parameter or option

Description

/Prov

(Optional) Database provider – permitted values are VI.DB.ViSqlFactory, VI.DB and QBM.AppServer.Client.ServiceClientFactory, QBM.AppServer.Client.

/Conn

Database connection parameter. A user with a minimum access level of Configuration user is required.

For more information about permissions, see the One Identity Manager Installation Guide and the One Identity Manager Authorization and Authentication Guide.

Alternatively, you can enter the name of the connection according to the registry HKEY_CURRENT_USER\Software\One Identity\One Identity Manager\Global\Connections.

/authprops

Authentication data. The authentication data depends on the authentication module used. For more information about One Identity Manager authentication modules, see the One Identity Manager Authorization and Authentication Guide.

/appname

Application name.

/site

Internet Information Services web page on which to install the application.

/sourcedir

(Optional) Installation source. If this parameter is set, the installation is performed from the file system. If this parameter is not set, the installation is performed from the database (default).

/apppool

(Optional) Application pool. If this parameter is set, the installation is performed in the specified application pool. If this parameter is not set, a new application pool is installed (default).

/webproject

(Optional) Name of the web project. If this parameter is set, the specified web project is installed. If this parameter is not set, the web project VI_StandardWeb is installed (default).

/constauthproj

Name of the subproject.

/constauth

Authentication settings of the subproject.

/searchserviceurl

Application server for search function availability.

/applicationtoken

Application token for the Password Reset Portal.

/updateuser

(Optional) User for updating. If no user is given, the same user account is used for the application pool.

/updateuserdomain

Active Directory domain of the user.

/updateuserpassword

User password.

/allowhttp

(Optional) If the parameter is set, HTTP is permitted. If this parameter is not available, HTTPS is used (default).

-w

(Optional) Type of authentication used for the web application. If this parameter is set, Windows authentication is used. If this parameter is not set, anonymous authentication is used on IIS (default).

-f

(Optional) If this parameter is set, no permissions are allocated for the IIS_USRS user. If this parameter is not set, the permissions are allocated for the IIS_USRS user (default).

-R

Removes the web application.

/?

Displays program help.

Example: Installation with a direct connection against a SQL Server database.

In this example, the parameters are configured as follows:

  • Connection to database on a SQL Server

  • Installation in the default website

  • Application name testqs

  • Authentication with system user testadmin

  • Application server for the availability of the search function https://dbserver.testdomain.lan/TestAppServer

  • Allow HTTP

WebDesigner.InstallerCMD.exe

/conn "Data Source=dbserver.testdomain.lan;Initial Catalog=IdentityManager;Integrated Security=False;User ID=admin;Password=password"

/site "Default Web Site"

/appname testqs

/authprops "Module=DialogUser;User=testadmin;Password="

/searchserviceurl https://dbserver.testdomain.lan/TestAppserver

/allowhttp true

Example: Installation with a direct connection to an application server

In this example, the parameters are configured as follows:

  • Connection to application

  • Installation in the default website

  • Application name testviaappserver

  • With Windows authentication as web authentication

  • User for the updating User1 with the domain MyDomain.lan

WebDesigner.InstallerCMD.exe

/prov "QBM.AppServer.Client.ServiceClientFactory, QBM.AppServer.Client"

/conn "URL=https://test.lan/IdentityManagerAppServer/"

/site "Default Web Site"

/appname testviaappserver

/authprops "Module=DialogUser;User=testadmin;Password="

-w

/updateuser User1

/updateuserdomain MyDomain.lan

/updateuserpassword topsecret

Example: Uninstalling the web application with a connection against an application server

WebDesigner.InstallerCMD.exe

/prov "QBM.AppServer.Client.ServiceClientFactory, QBM.AppServer.Client"

/conn "URL=https://test.lan/IdentityManagerAppServer/"

/appname testviaappserver

/authprops "Module=DialogUser;User=testadmin;Password="

-R

Example: Processing of authentication settings for a subproject

WebDesigner.ConfigFileEditor.exe

-constAuth ../web.config "test_UserRegistration_Web" "Module=DynamicPerson;User[test_USER]=xyz;(Password)Password[test_Password]=xyz;(Hidden)IgnoreMasterIdentities=;(Hidden)Product=Manager"

VI.WebDesigner.CompilerCmd.exe

With the program VI.WebDesigner.CompilerCmd.exe, you can compile the Web Portal using the command line console.

NOTE: Unlike the default settings in the Web Designer, subprojects are not compiled at the same time. This means that when the VI_StandardWeb is compiled, the dI_UserRegistration_Web is not also compiled at the same time.

Calling syntax

VI.WebDesigner.CompilerCmd.exe

/conn {Connection string}

/dialog {Authentication string}

/project {path}

[/solution {path}]

[/mode {mode}]

[-E]

[-D]

[-R]

[/csharpout {folder}]

Table 64: Program parameters and options

Parameter or option

Description

/Conn

Database connection parameter. A user with a minimum access level of Configuration user is required.

For more information about permissions, see the One Identity Manager Installation Guide and the One Identity Manager Authorization and Authentication Guide.

Alternatively, you can enter the name of the connection according to the registry HKEY_CURRENT_USER\Software\One Identity\One Identity Manager\Global\Connections.

/dialog

Authentication data. The authentication data depends on the authentication module used. For more information about One Identity Manager authentication modules, see the One Identity Manager Authorization and Authentication Guide.

/project

Name of the web project.

/solution

(Optional) This parameter specifies the Web Designer solution file to be used. If this parameter is not available, a database project is used.

/mode

(Optional) This parameter enables you to specify a compilation mode. Permitted values are:

  • normal : Full compilation (default mode)

  • nostore : No assemblies saved to the database.

  • nocompile : C# code generation runs, but without compilation.

  • nocodegen : Only Web Designer compilation, no C# code generation.

-E

(Optional) This parameter activates the detailed check.

For more information about detailed checks, see the One Identity Manager Web Designer Reference Guide.

-D

(Optional) This parameter activates the debug compilation.

-R

(Optional) This parameter activates the generation of a stable C# text. This setting prevents use of certain random values.

/csharpout {folder}

(Optional) This parameter contains the target directory for C# text.

/help

Displays program help.

Example: Release compilation of the VI_StandardWeb

VI.WebDesigner.CompilerCmd.exe

/conn "Data Source=<Database server>;Initial Catalog=<Database name>; User ID=<Database user>; Password=<Password>"

/dialog "Module=DialogUser;User=<User name>;Password=<Password>"

/project VI_StandardWeb

Example: Debug compilation of the VI_User_Registration_Web

VI.WebDesigner.CompilerCmd.exe

/conn "Data Source=<Database server>;Initial Catalog=<Database name>; User ID=<Database user>; Password=<Password>"

/dialog "Module=DialogUser;User=<User name>;Password=<Password>"

/project VI_UserRegistration_Web

-D

Create-web-dir.exe

With the program Create-web-dir.exe you can create a One Identity Manager installation from a directory containing a One Identity Manager setup or from an installed One Identity Manager database. You can find the program on the installation media in the Modules\QBM\dvd\AddOn\SDK\LinuxWebInstall directory. You can run the program from the command line.

Calling syntax

create-web-dir.exe

[--mode=web|standalone]

--setup={Directory}|[--db-system=MSSQL|APPSERVER]

--db="{Connection string}"

--dest={Directory}

[ --modules={Module IDs}]

--targets= "{Targets}"

[--nlog={Path}\nlog.config]

[--web-config={Path}\Web.config]

[--web-app={URL}]

[--web-app-project={Web project}]

[--web-app-product={Product}]

[--web-app-auth={Authentifier}]

[--web-app-auth2={Authentifier}]

[--session-cert={Path}\SessionCertificate.pfx]

[--create-session-cert]

[--session-cert-issuer="{Issuer}"]

[--appserver-url={URL}]

[--auth="Module={Authentication string}"]

[--server-name --targets-from-server --config-from-server]

[--variable{Key=Value}]

[--nologo]

Calling the program
  • Windows: C:/installer/create-web-dir.exe

  • Linux: mono /installer/create-web-dir.exe

Table 65: Program parameters and options
Parameter or option

Alternative

Description
--mode

 

Installation mode. Permitted values are web (default) and standalone.

--setup

-s

Directory that contains the One Identity Manager setup and from which the installation is to be compiled. Specify either the directory containing the One Identity Manager setup or a database connection.

--db-system

 

Database system that should be connected as a source. Permissible values are MSSQL (default) or APPSERVER.
--db

-connect

Connection parameters to the database from which the installation is to be made. Specify either the directory containing the One Identity Manager setup or a database connection.

--dest

-d

Destination directory for the installation.
--targets

-t

Comma-delimited list of machine roles to be installed.
--modules

-m

Comma-delimited list of module IDs for installation. Optional, if the installation is to be done from an existing database.
--nlog

-n

(Optional) Path for the configuration file NLog.config.

--web-config

-w

(Optional) Path for configuration file Web.config.

--web-app

 

(Optional) URL for which a web application is to be created in the database.

--web-app-project

 

(Optional) Name of the web project (DialogAEDS.FileName) or UID of the web project (DialogAEDS.UID_DialogAEDS).

--web-app-product

 

(Optional) Name of the product for the web application (QBMProduct.Ident_Product) or UID of the product for the web application (QBMProduct.UID_DialogProduct).

--web-app-auth

 

(Optional) Name of the primary authentication module (DialogAuthentifier.Ident_DialogAuthentifier) or UID of the primary authentication module (DialogAuthentifier.UID_ DialogAuthentifier) for the web application.

--web-app-auth2

 

(Optional) Name of the secondary authentication module (DialogAuthentifier.Ident_DialogAuthentifier) or UID of the secondary authentication module (DialogAuthentifier.UID_ DialogAuthentifier) for the web application.

--session-cert

-c

(Optional) Path and name of the certificate file.

--create-session-cert

 

(Optional) Generate a new certificate if the specified certificate file does not exist.

--session-cert-issuer

 

(Optional) Publisher for the generated certificate file.

Standard: "CN=Application Server"

--appserver-url

 

(Optional) URL of the application server to which the web application is to be connected.

--auth

 

(Optional) Authentication data. The authentication data depends on the authentication module used. For more information about One Identity Manager authentication modules, see the One Identity Manager Authorization and Authentication Guide.

--config-from-server

 

(Optional) Fetches the configuration of the One Identity Manager Service for the Job server from the database and creates the configuration file in the destination directory. If this parameter is set, the --server-name parameter is required.

--targets-from-server

 

(Optional) Fetches the Job server machine roles from the database. If this parameter is set, the --server-name parameter is required.

--server-name

 

(Optional) Name of the Job server in the database (QBMServer table).

--variable

-v

(Optional) Replace the variables in the template files (NLog.config, Web.config) specified with %VariableName%. (Key=Value).

--nologo

 

(Optional) Specifies whether to display the startup banner and copyright information.

--help

-h, -?

Display program help.

Example: Installing an application server from a directory

create-web-dir.exe

-s=I:\Main\2020.07.28.001

-d=C:\Work\Install

-m=ADS,ARS,CAP,CPL,DPR,EBS,EX0,LDP,NDO,QBM,QER,RMB,RMS,SAC,SAP,SBW,SHR,SP0,TSB

-t=Server\Web\AppServer,Server\Web\AppServer\SearchCrawler,Server\Web\AppServer\SearchIndex

-w=\work\Config\Web.config

-n=\work\Config\nlog.config

-c=\work\SessionCertificate.pfx

Example: Installing an application server from the database

create-web-dir.exe

-d=C:\Work\Install

--db-connect="Data Source=<Server>;Initial Catalog=<Database>;User ID=<DB User>;Password=<Password>"

-t=Server\Web\AppServer,Server\Web\AppServer\SearchCrawler,Server\Web\AppServer\SearchIndex

-w=\work\Config\Web.config

-n=\work\Config\nlog.config

-c=\work\SessionCertificate.pfx

Example: Installing a Job server from the database with the default machine roles

create-web-dir.exe

--mode=standalone

-d=C:\Work\Install

--db-connect="Data Source=<Server>;Initial Catalog=<Database>;User ID=<DB User>;Password=<Password>"

-t=Server\Jobserver

--server-name=Server1

--targets-from-server

Example: Installing a Web Portal from the database

mono create-web-dir.exe

--db-system=MSSQL

--db-connect='Data Source=<Server>;Initial Catalog=<Database>;User ID=<DB User>;Password=<Password>'

--dest=/var/www/OneIMWeb

--targets="Server\\Web\\EndUserWebPortal"

--web-app-project="VI_StandardWeb"

--web-app-auth="RolebasedPerson"

--appserver-url=http://appserver1.localdomain/

--web-config=/tmp/web.config

Verwandte Dokumente

The document was helpful.

Bewertung auswählen

I easily found the information I needed.

Bewertung auswählen