サポートと今すぐチャット
サポートとのチャット

Identity Manager 9.3 - Installation Guide

About this guide One Identity Manager overview Installation prerequisites Installing One Identity Manager Installing and configuring the One Identity Manager Service Automatic updating of One Identity Manager Updating One Identity Manager Installing additional modules for a existing One Identity Manager installation Installing and updating an application server Installing and updating an API Server Installing and updating the Manager web application Logging in to One Identity Manager tools Troubleshooting Advanced configuration of the Manager web application Machine roles and installation packages Configuration parameters for the email notification system How to configure the One Identity Manager database using SQL Server AlwaysOn availability groups

Installing and configuring the One Identity Manager Service

The One Identity Manager Service handles defined processes. The service has to be installed on the One Identity Manager network server to run the processes. The server must be declared as a Job server in the One Identity Manager database.

Setting up a Job server requires the following steps:

  • Create an entry for the Job server in the One Identity Manager database.

  • Specify the machine roles and server functions for the Job server.

    Installation packages to be installed on the Job server are found, depending on the selected machine roles. The server function defines the functionality of a server in One Identity Manager. One Identity Manager processes are handled with respect to the server function.

  • Install the One Identity Manager Service.

  • Configure the One Identity Manager Service.

  • Start the One Identity Manager Service.

For more information about using the One Identity Manager Service, see the One Identity Manager Configuration Guide.

NOTE: On Linux operating systems, use of oneidentity/oneim-job docker images is recommended.

Related topics

Setting up Job servers

Each Job server within the network must have a unique queue identifier. The process steps are requested by the Job queue using exactly this queue name:

  • A Job server must be known in the One Identity Manager database for each queue.

  • Enter this queue name in the One Identity Manager Service configuration file.

There are several methods for setting up a Job server:

  • For the initial schema installation with the Configuration Wizard, you already set up a Job server with the SQL processing server and Update server server functions. Use the Configuration Wizard to configure the service and install it on a server.

  • To configure further Job servers, use the Server Installer program.

    Using the Server Installer, you create the Job server with its machine roles and server functions in the database. Use the Server Installer to configure the service and install it on a server.

  • You can create Job servers in the Designer.

    Use the Designer, to create a Job server with the machine roles and server functions, configure the service on the server and install the service remotely. For more information, see the One Identity Manager Configuration Guide.

  • Alternatively, you can use the installation wizard to install the service components on the server and then configure the service using the Job Service Configuration program. For detailed information about configuring the One Identity Manager Service, see the One Identity Manager Configuration Guide.

  • If the Common | Jobservice | AutoCreateServerFromQueues configuration parameter is enabled, in response to queries from the One Identity Manager Service for unknown queues, new Job servers are created in the database. Information about machine roles and server functions is transferred to the database.

NOTE: If you subsequently change server functions for a Job server in the database, for example using the Designer, the system checks whether the required components are installed on the server, and updates the server if necessary. To enable this, automatic software updates must be active.

Related topics

Installing the One Identity Manager Service with the Server Installer

IMPORTANT: If you are working with an encrypted One Identity Manager database, see Tips for working with an encrypted One Identity Manager database.

To set up a Job server, perform the following steps.

  1. Create a Job server and install and configure the One Identity Manager Service.

    Use the One Identity Manager Service to install the Server Installer. The program runs the following steps:

    • Sets up a Job server.

    • Specifies machine roles and server function for the Job server.

    • Installs One Identity Manager Service components corresponding to the machine roles.

    • Configures the One Identity Manager Service.

    • Starts the One Identity Manager Service.

    Use the Server Installer to install the One Identity Manager Service locally or remotely.

    To remotely install the One Identity Manager Service, provide an administrative workstation on which the One Identity Manager components are installed. Ensure that the One Identity Manager components are installed on the server before installing locally. For more information about installing One Identity Manager components, see the One Identity Manager Installation Guide.

  2. If you are working with an encrypted One Identity Manager database, declare the database key in the One Identity Manager Service. For more information about working with an encrypted One Identity Manager database, see the One Identity Manager Installation Guide.

  3. To generate processes for the Job server, you need the provider, connection parameters and the authentication data. By default, this information is determined from the database connection data. If the Job server runs through an application server, you must configure extra connection data in the Designer. For more information about connection data, see the One Identity Manager Configuration Guide.

To install and configure the One Identity Manager Service on a server

  1. Start the Server Installer program.

    NOTE: To install remotely, start the Server Installer program on your administrative workstation. To install locally, start the program on the server.

  1. On the Database connection page, enter the valid connection credentials for the One Identity Manager database.

    You can connect via the application server or directly to connect to the database.

  2. On the Server properties page, specify the server on which you want to install the One Identity Manager Service.

    1. Select a Job server from the Server drop-down.

      - OR -

      To create a new Job server, click Add.

    2. Enter the following data for the Job server.

      • Server: Name of the Job server.

      • Queue: Name of the queue to handle the process steps. Each Job server within the network must have a unique queue identifier. The process steps are requested by the Job queue using this exact queue name. The queue identifier is entered in the One Identity Manager Service configuration file.

      • Full server name: Full server name in accordance with DNS syntax.

        Syntax:

        <Name of servers>.<Fully qualified domain name>

      NOTE: You can use the Extended option to make changes to other properties for the Job server. You can also edit the properties later with the Designer.

  1. On the Machine roles page specify which roles the Job server is to have in One Identity Manager. Installation packages to be installed on the Job server are found depending on the selected machine role.

  2. On the Server functions page, specify the function of the server in the One Identity Manager environment. One Identity Manager processes are handled with respect to the server function.

    The server's functions depend on which machine roles you have selected. You can limit the server's functionality further here.

  3. On the Service Settings page, enter the connection data and check the One Identity Manager Service configuration.

    NOTE: The initial service configuration is predefined. If further changes need to be made to the configuration, you can do this later with the Designer. For more information about configuring the service, see the One Identity Manager Configuration Guide.

    For a direct connection to the database:

    1. In the module list, select Process collection > sqlprovider.

    2. Click the Connection parameter entry, then click the Edit button.

    3. Enter the connection data for the One Identity Manager database.

    4. Click OK.

    For a connection to the application server:

    1. In the module list, select the Process collection entry and click the Insert button.

    2. Select AppServerJobProvider and click OK.

    3. In the module list, select Process collection > AppServerJobProvider.

    4. Click the Connection parameter entry, then click the Edit button.

    5. Enter the address (URL) for the application server and click OK.

    6. Click the Authentication data entry and click the Edit button.

    7. In the Authentication method dialog, select the authentication module for logging in. Depending on the authentication module, other data may be required, such as user and password. For more information about One Identity Manager authentication modules, see the One Identity Manager Authorization and Authentication Guide.

    8. Click OK.

  4. To configure the installation, click Next.

  1. Confirm the security prompt with Yes.

  2. On the Select installation source page, select the directory with the install files. Change the directory if necessary.

  3. On the Service access page, enter the service's installation data.

    • Computer: Select the server, on which you want to install and start the service, from the drop-down or enter the server's name or IP address.

      To run the installation locally, select Local installation from the drop-down.

    • Service account: Enter the details of the user account that the One Identity Manager Service is running under. Enter the user account, the user account's password and password confirmation.

    The service is installed using the user account with which you are logged in to the administrative workstation. If you want to use another user account for installing the service, you can enter it in the advanced options.

    You can also change the One Identity Manager Service details, such as the installation directory, name, display name, and the One Identity Manager Service description, using the advanced options.

  4. Click Next to start installing the service.

    Installation of the service occurs automatically and may take some time.

  5. Click Finish on the last page of the Server Installer.

    NOTE: In a default installation, the service is entered in the server’s service management with the name One Identity Manager Service.

Related topics

Displaying the One Identity Manager Service log file

The One Identity Manager Service log file can be displayed in a browser.

You call up the log file with the appropriate URL:

http://<server name>:<port number>

The default value is port 1880.

Different credentials are expected depending on how the authentication method is configured for displaying the log file.

To open the One Identity Manager Service log file in the Job Queue Info

  1. Start the Job Queue Info program.

  2. In the Server state view, select the Job server and select the Open in browser context menu item.

    The One Identity Manager Service HTTP server for the Job server is queried and the various One Identity Manager Service services are displayed.

  3. To display the contents of the log file, select Log File in the navigation view.

Figure 3: The One Identity Manager Service log file

The messages to be displayed on the web page can be filtered interactively. There is a drop-down on the website for this. Only text contained in the log file can be displayed in this case. For example, if the message type is Warning, messages with the Info message type cannot also be displayed if the relevant filter is selected.

The log output is color-coded to make it easier to identify.

Table 21: Log file color code
Color Meaning

Green

Processing successful

Yellow

Warnings occurred during processing

Red

Fatal errors occurred during processing

NOTE: If you want to retain the color information to send by email, you need to save the complete web page.

For more information about configuring how the One Identity Manager Service log file is displayed, see the One Identity Manager User Guide for One Identity Manager Tools User Interface.

関連ドキュメント

The document was helpful.

評価を選択

I easily found the information I needed.

評価を選択