Identity Manager On Demand - Starling Edition Hosted

Identity Manager On Demand - Starling Edition Hosted - Quick Start Guide

About this guide One Identity Manager On Demand overview Architecture overview Using One Identity Manager On Demand as a Starling service Information provided for accessing One Identity Manager On Demand One Identity Manager On Demand cloud components

Supported browsers Requirements for connecting One Identity Starling Database backup policies

One Identity Manager On Demand on-premises components

Minimum system requirements for administrative workstations Minimum system requirements for Job servers

Working with One Identity Manager On Demand

Installing One Identity Manager On Demand on-premises components Logging in to One Identity Manager On Demand components

One Identity Manager On Demand system users Logging in via application server Logging in via direct connection to the database

Setting up a One Identity Manager On Demand on-premises Job server

Installing and configuring the One Identity Manager On Demand Service on a Job server Declaring database keys on a Job server Configuring connection data for the application server

How to transfer script modifications from the test instance to the production instance

One Identity Manager On Demand configuration, customization and product limitations

Information provided for accessing One Identity Manager On Demand

After successful deployment, information about your subscription is displayed in the One Identity Manager On Demand portal along with the connection details of your One Identity Starling deployment. You need this information for accessing One Identity Manager On Demand.

To display the information

Log in to the One Identity Starling portal.
On the home page, in the My Services section, click the One Identity Manager On Demand (Starling Edition) tile.

Administrative system user

The cccAdmin system user is an administrative system user. You can use this system user to log on to the tools for the first time and to configure One Identity Manager On Demand. Provided are:

User name: cccAdmin
Password: Password for the cccAdmin system user.

Synchronization user

The Synchronization system user has the necessary permissions to set up and run target system synchronizations using an application server. Provided are:

User name: Synchronization
Password: Password for the Synchronization system user.

Database connection data

It is generally recommended that on-premises components use the application server to connect to the database. However, some components require a direct database connection. For more information, see Which components and front-ends work with an application server? in the Online documentation on the Support Portal.

The following information is provided for the direct database connection:

Database address: Public endpoint of the Azure SQL Managed Instance.
Database name: Name of the database.
User name: SQL Server Login name of the <database name>_cccConfig user.
Password: Password for the user's SQL Server login.

NOTE: The database login password expires after 42 days after which, you must change the password.

IMPORTANT: Access to the database is limited solely to the IP addresses and IP ranges that have been granted access.

To share IP addresses and IP ranges

On the Database Access tile, click Manage Database Access and enter one or more public IP addresses or IP ranges (separated by commas) or specify the CIDR notation.

Encryption key for database encryption

To synchronize a target system you must declare the database key in the One Identity Manager On Demand Service. The file with the private key must exist in the server's installation directory on all servers with an active One Identity Manager On Demand Service.

For more information, see Tips for working with an encrypted One Identity Manager database in the Online documentation on the Support Portal.

Endpoint URLs

Web Portal / API Server

This endpoint is used deploy the Web Portal, the Password Reset Portal and the Operations Support Web Portal. In addition, you gain access to the API Server's administration portal and the API Server's API documentation.
App Server

This endpoint is used to deploy the application server. You need the URL to connect to the application server in the on-premises components. Furthermore, administrative system users can see the application server's status as well as the application server's REST API documentation through this endpoint.
Job server

This endpoint is used to deploy the cloud Job server's status information and log file.

One Identity Manager On Demand cloud components

The following One Identity Manager On Demand components are deployed as part of the cloud infrastructure. These components are managed by One Identity and monitored by the operations team.

Table 1: Overview of One Identity Manager On Demand cloud components
Component	Description
Azure SQL Managed Instance	The Azure SQL Managed Instance is an intelligent, scalable, cloud database service.
API Server	The API Server deploys the Web Portal, the Password Reset Portal, and the Operations Support Web Portal. NOTE: Any customizations of the base Angular code are supported solely by the customer.
Web Portal	The Web Portal is a web-based application for all One Identity Manager On Demand users. The Web Portal provides stringent workflows for the following actions: Changing your own main data and password. Editing or entering identity main data of direct reports. Searching, requesting, canceling, or renewing products in the IT Shop. Delegating own roles. Editing assigned approvals, attestation cases, and rule violations. In the information system, you may see several evaluations, for example, about your own requests and attestation cases, employee numbers, approvals, rule violations, or the Unified Namespace. The Web Portal is made available over the API Server. Through a web browser, users can access the website that has been dynamically set up and customized for them.
Password Reset Portal	The Password Reset Portal allows users to securely reset passwords of the user accounts they manage. The Password Reset Portal is made available over the API Server.
Operations Support Web Portal	The Operations Support Web Portal helps you to manage and use your web applications. You can use the Operations Support Web Portal to monitor the handling of processes and DBQueue tasks. You can also create passcodes for your colleagues. The Operations Support Web Portal is made available over the API Server.
Application server	The application server deploys a connection pool for accessing the database from outside the One Identity Cloud.
Job server	This One Identity Manager On Demand Service handles defined processes and should not be used to perform data synchronization between the database and any connected target systems.

Supported browsers

You can use any browser to access One Identity Manager On Demand cloud components if it is supported by One Identity Starling. For more information, see under System requirements in the One Identity Starling Release Notes.

Enable JavaScript in your browser for the One Identity Manager On Demand Web Portal to work. For optimal displaying of the graphical user interface, use a device with a minimum screen resolution of 1280 x 1024 pixels and at least 16-bit color depth. For mobile viewing, for example when using a tablet, use a device with a display size of at least 9.7 inches.

Requirements for connecting One Identity Starling

To integrate One Identity Starling, you require different DNS addresses. For more information, see under System requirements in the One Identity Starling Release Notes.

제품을 선택하십시오.

더 나은 서비스 제공을 위해 채팅 목적을 작성해 주십시오.

문제에 대한 권장 솔루션