One Identity Manager is made up of several components that can run in different network segments. In addition, One Identity Manager requires access to various network services, which can also be installed in different network segments. You must open various ports depending on which components and services you want to install behind the firewall.
The following ports are required:
Table 13: Communications port
1433 |
Port for communicating with the One Identity Manager database. |
1880 |
Port for the HTTP protocol of One Identity Manager Service. |
2880 |
Port for access tests with the Synchronization Editor, such as in the target system browser or for simulating synchronization.
Default port for the RemoteConnectPlugin. |
80 |
Port for accessing web applications. |
88 |
Kerberos authentication system (if Kerberos authentication is implemented). |
135 |
Microsoft End Point Mapper (EPMAP) (also, DCE/RPC Locator Service). |
137 |
NetBIOS Name Service. |
139 |
NetBIOS Session Service. |
Other ports for connecting to target systems are also required. These ports are listed in the corresponding guides.
The following steps are required to install One Identity Manager:
-
Install One Identity Manager tools on the administrative workstation on which the One Identity Manager database schema installation will be started.
-
Install and configure the One Identity Manager database with the Configuration Wizard.
-
Set up the server, which handles the SQL processes.
-
The server must be entered in the database as a Job server with the SQL processing server server function.
-
A One Identity Manager Service with direct access to the One Identity Manager database must be installed and configured on the server.
NOTE: Multiple SQL processing servers can be set up to spread the load of SQL processes.
-
Set up an update server for automatic software updating of other servers.
-
The server must be entered in the database as a Job server with the server function Update server.
-
A One Identity Manager Service with direct access to the One Identity Manager database must be installed and configured on the server.
-
Setting up and configuring the Database Agent Service
The Database Agent Service controls processing of DBQueue Processor tasks. The Database Agent Service is deployed through the One Identity Manager Service plugin. Alternatively, the Database Agent Service can be run from the DatabaseAgentServiceCmd.exe command line program.
NOTE: You can proceed with setting up a SQL processing server and the update server using the Configuration Wizard. You can also set up the Database Agent Service with the Configuration Wizard.
You can also install the following:
-
Additional workstations.
-
Additional servers with the One Identity Manager Service.
-
An application server.
-
An API Server with HTML web applications.
-
The Web Designer Web Portal on a web server.
-
The Password Reset Portal on a web server.
For more information about installing and configuring the Password Reset Portal, see the One Identity Manager Web Application Configuration Guide.
-
The Manager web application on a web server
You can install and update One Identity Manager using the following methods:
-
Use the installation wizard to install the One Identity Manager components on workstations for the first time.
-
To install and update the One Identity Manager database, use the Configuration Wizard.
-
Use the installation wizard or the Server Installer to install the One Identity Manager Service on the servers for the first time.
-
Update an existing installation use the auto update software.
-
Use the installation wizard to manually update individual workstations and servers.
NOTE: One Identity provides various Docker images for simple and standardized installation and running of individual Docker components in One Identity Manager containers.
Detailed information about this topic
One Identity provides various Docker images for simple and standardized installation and running of individual One Identity Manager components in Docker containers. You can find One Identity Manager Docker images, together with detailed information about the usage and configuration of the individual images under https://hub.docker.com/u/oneidentity/. For videos with additional information, see the One Identity Manager Containerization video series at www.YouTube.com/OneIdentity. For more information about Docker, see https://www.docker.com/.
Table 14: Available One Identity Manager Docker images
oneidentity/oneim-job |
This image runs an instance of a One Identity Manager Service. When started, it downloads the necessary files for a specific Job server. This behavior can be controlled using encrypted values and environment variables. |
oneidentity/oneim-appserver |
This image runs an instance of the One Identity Manager application server. When started, it downloads the necessary files from the configured One Identity Manager database. This behavior can be controlled using encrypted values and environment variables. |
oneidentity/oneim-web |
This image runs an instance of the Web Designer Web Portal. When started, it downloads the necessary files from the configured One Identity Manager database. This behavior can be controlled using encrypted values and environment variables. |
oneidentity/oneim-installer |
This image contains a simple installation program that can be used in derived images to create the file structure for One Identity Manager applications. |
oneidentity/oneim-api |
This image runs an instance of the API Server. When started, it downloads the necessary files from the configured One Identity Manager database. This behavior can be controlled using encrypted values and environment variables. |
There are additional examples of Docker files under https://github.com/OneIdentity in the Docker Files Repository. You can use the examples to create your own Docker container images based on One Identity Manager Docker images.
Before you start installing One Identity Manager:
Detailed information about this topic