NOTE: We recommend that you perform the automatic update only in specific maintenance windows, in which the application cannot be accessed by users and the application can be manually restarted with no risk.
The following permissions are required for automatic updating:
-
The user account for updating requires write permissions for the application directory.
-
The user account for updating requires the Log on as a batch job local security policy.
-
The user account running the application pool requires the Replace a process level token and Adjust memory quotas for a process local security policies.
The application update happens automatically if the Auto update plug-in is enabled for the web application.
To run an update, first load the files to be updated into the One Identity Manager database. The necessary files are loaded into the One Identity Manager database and updated when a hotfix, a service pack, or a full version update is run.
The Automatic update plug-in performs a check when the application is started, and every approx. 5 minutes thereafter. New files are loaded from the database as they are identified. The plug-in cannot update the files while the application is running. The update waits until the application is restarted.
The application is restarted automatically by the web server when it has been idle for a defined length of time. This may take some time or be hindered by continuous user requests.
Perform the following steps to uninstall the web application.
To uninstall a web application
-
Launch autorun.exe from the root directory of the One Identity Manager installation medium.
-
On the start page of the installation wizard:
-
Change to the Installation tab.
-
In the Web-based components pane, click Install.
This starts the Web Installer.
-
On the Web Installer start page, click Uninstall a web application and click Next.
-
On the Uninstall a web application page, double-click the application that you want to remove.
The 
icon is displayed in front of the application.
-
Click Next.
-
On the Database connection page, select the database connection and authentication method and enter the corresponding login data.
-
Click Next.
-
Confirm the security prompt with Yes.
-
The uninstall progress is displayed on the Setup is running page.
-
Once installation is complete, click Next.
-
On the Wizard complete page, click Finish.
-
Close the autorun program.
NOTE: One Identity Manager tools can only be started if the user has the relevant program functions. For more information about program functions, see the One Identity Manager Authorization and Authentication Guide.
When you start one of the One Identity Manager tools, a default connection dialog opens. This tries to restore the last used connection.
Figure 5: Default connection dialog
When you log in, you need to be aware of the difference between a database user and a user of individual One Identity Manager tools (system user). Several system users can work with one database user.
Login takes place in two steps:
-
Selecting the database connection to log in to the database
You can login to the database via an application server or a direct connection to the database.
-
Selecting the authentication method and finding the system user for logging in
Permitted system user IDs are determined by the authentication module you select. One Identity Manager provides various authentication modules for this purpose.
NOTE: After the initial schema installation, only the System user and ComponentAuthenticator authentication modules and the role-based authentication modules are enabled in One Identity Manager. For more information about One Identity Manager authentication modules, see the One Identity Manager Authorization and Authentication Guide.
NOTE: Use non role-based authentication modules to log in to the Designer. Role-based authentication modules for logging in to the Designer are not supported.
Detailed information about this topic
Perform the following steps if you want to log in via an application server.
To establish a new connection to the database via an application server
-
Start a One Identity Manager tool, such as the Manager, from the install directory.
This opens the connection dialog.
-
In the connection dialog, under Select a database connection, click Add new connection and select the Application server system type.
-
Click Next.
-
Enter the address (URL) for the application server.
-
If you access an application server secured through SSL/TLS, configure additional settings for the certificate:
-
If the certificate's server name matches the application server's URL and, if the server certificate can be successfully validated, the server name displayed in green next the URL. By clicking the server name next to the URL, you can get information about the certificate.
-
If the certificate's server name does not match the application server's URL or, if the server certificate cannot be successfully verified, the server name is displayed in red next the URL. You decide whether to trust the certificate.
-
If a client certificate is expected according to the SSL settings, select the certificate under Select client certificate and specify how the certificate is to be verified. You have the following options: Find by subject name, Find by issuer name and Find by thumbprint.
-
If you want to use a self-signed certificate, enable the Accept self-signed certificate option.
-
Select Test connection in the Options menu.
This attempts to connect the database with the given connection data. You are prompted to confirm a message about the test.
NOTE: Using Options > Advanced options item, you can make additional changes to the connection configuration.
-
Click Finished.
-
In the connection dialog, under Authentication method, select the authentication module.
This displays a list of all available authentication modules.
-
Enter the login data for the system user ID.
The login data required depends on which authentication module you select.
-
Click Connect.
NOTE: The connection is saved and made available for the next login.
