Chat now with support
Chat with Support

Identity Manager 8.1.4 - Operational Guide

About this guide Simulating data changes in the Manager Scheduling operations activation times Re-applying templates Exporting data with Manager Analyzing data and data changes Analyzing process monitoring in the Manager Schedules in One Identity Manager Mail templates in One Identity Manager Password policies in One Identity Manager Working with change labels Checking data consistency Compiling a One Identity Manager database Transporting custom changes Importing data with Data Import Importing and exporting individual files for the software update Command line programs

Quantum.MigratorCmd.exe

The Quantum.MigratorCmd.exe program supports the migration of a One Identity Manager database. You can run the program from the command line.

Calling syntax

quantum.migratorcmd.exe /operation=INSTALL|UPDATE|DUMP|IMPORT|DELTA /connection="{Connection string}"/system=MSSQL /module={Module IDs}[+] /destination="{Directory}" [/loglevel="Off|Fatal|Error|Info|Warn|Debug|Trace"] [/password={Password}] [/moduleowner={Module ID}] [/hashsize=<Hash size>] [/clear] [/condition={SQL condition}] /from {file} /to {file}

Calling example

quantum.migratorcmd.exe /operation=INSTALL /connection="Data Source=<Database server>;Initial Catalog=<Database>;User ID=<Database user>;Password=<Password>" /system=MSSQL /destination="C:\install" /module="TSB,ATT,CPL,HDS,POL,RMB,RMS,RPS"

Table 59: Program parameters
Parameters Alternative Description

/operation

-O|-o

Operation to be performed. Permitted values are:

  • INSTALL: Install new database.

  • UPDATE: Update database.

  • DUMP: For internal use only.

  • IMPORT: For internal use only.

  • DELTA: For internal use only.

/connection

-C|-c

Database connection parameter. Minimum access level Administrative user.

/system

-S|-s

Database system. Permitted value is MSSQL.

/module

-M|-m

Comma delimited list of module IDs.

Update case: If the module ID is followed by a plus sign (+), only this module is updated. If no plus sign is specified, all modules listed are updated.

/password

-P|-p

Optional parameter. Initial password for the viadmin system user when a new database is installed

/moduleowner

-W|-w

For internal use only.

/format

-F|-f

For internal use only.

/hashsize

 

For internal use only.

/destination

-D|-d

Source directory .

/condition

 

For internal use only.

/loglevel

 

Optional parameter. Scope of output to be processed. Permitted values are:

  • Off: No logging.

  • Fatal: All critical error messages are logged.

  • Error: All error messages are logged.

  • Info: All information is logged.

  • Warn: All warnings are logged.

  • Debug: Debugger outputs are logged. This setting should only be used for testing.

  • Trace: Highly detailed information is logged. This setting should only be used for analysis purposes. The log file quickly becomes large and cumbersome.

/clear

 

For internal use only.

@filename

 

As an alternative to directly issuing commands, you can name a text file containing the commands. Every command is in a separate line. Path names in the file must be relative.

/from

--from

For internal use only.

/to

--to

For internal use only.

/?

-h|-help

Display program help.

WebDesigner.InstallerCMD.exe

Using the program WebDesigner.InstallerCMD.exe, you can install and uninstall the Web Portal using the command line console.

NOTE: Run the installation using the command line console in administrator mode.
Calling syntax for installation

WebDesigner.InstallerCMD.exe [/prov {Provider}] /conn {Connection string} /authprops {Authentication string} /appname {Application name} /site {Site} [/sourcedir {Directory}] [/apppool {Application pool}] [/webproject {Web project}] [/constauthproj {Subproject name} /constauth {Authentication}] [/searchserviceurl {url}] [/applicationtoken {Token}] [/updateuser {User name} [/updateuserdomain {Domain}] [/updateuserpassword {Password}]] [/allowhttp {true|false}] [-f] [-w]

Calling syntax for uninstalling

WebDesigner.InstallerCMD.exe [/prov {Provider}] /conn {Connection string} /authprops {Authentication} /appname {Application name} [/site {Site}] -R

Calling syntax for uninstalling earlier Web Portal versions (<= version 6.x)

WebDesigner.InstallerCMD.exe /appname {Application name} [/site {Site}] -R

Table 60: Program parameters

Parameter

Description

/Prov

(Optional) Database provider – permitted values are VI.DB.ViSqlFactory, VI.DB and QBM.AppServer.Client.ServiceClientFactory, QBM.AppServer.Client.

/Conn

Database connection parameters.

/authprops

Authentication data - the authentication data depends on the authentication module. For detailed information about the One Identity Manager authentication modules, see the One Identity Manager Authorization and Authentication Guide.

/appname

Application name.

/site

Website.

/sourcedir

(Optional) If this parameter is set, the installation is performed from the file system. If this parameter is not set, the installation is performed from the database (default).

/apppool

(Optional) If this parameter is set, the installation is performed in the specified application pool. If this parameter is not set, a new application pool is installed (default).

/webproject

(Optional) Web project name - If this parameter is set, the specified web project is installed. If this parameter is not set, the web project VI_StandardWeb is installed (default).

/constauthproj

Name of the sub project.

/constauth

Authentication settings for the sub project.

/searchserviceurl

Application server for search function availability.

/applicationtoken

Application token for the Password Reset Portal.

/updateuser

(Optional) User for updating.

/updateuserdomain

Active Directory domain of the user.

/updateuserpassword

User password.

/allowhttp

(Optional) If the parameter is set, HTTP is permitted. If this parameter is not available, HTTPS is used (default).

-w

(Optional) If the parameter is set, Windows authentication is used. If this parameter is not set, anonymous authentication is used on IIS (default).

-f

(Optional) If this parameter is set, no permissions are allocated for the IIS_USRS user. If this parameter is not set, the permissions are allocated for the IIS_USRS user (default).

-R

Delete the web application.

/?

Program help.

Example of installation with a direct connection against a SQL Server database.

In this example, the parameters are configured as follows:

  • Connection to database on a SQL Server

  • Installation in the default website

  • Application name testqs

  • Authentication with system user testadmin

  • Application server for the availability of the search function https://dbserver.testdomain.lan/TestAppServer

  • Allow HTTP

WebDesigner.InstallerCMD.exe /conn "Data Source=dbserver.testdomain.lan;Initial Catalog=IdentityManager;Integrated Security=False;User ID=admin;Password=password" /site "Default Web Site" /appname testqs /authprops "Module=DialogUser;User=testadmin;Password=" /searchserviceurl https://dbserver.testdomain.lan/TestAppserver /allowhttp true

Example of installation with a direct connection to an application server

In this example, the parameters are configured as follows:

  • Connection to application

  • Installation in the default website

  • Application name testviaappserver

  • With Windows authentication as web authentication

  • User for the update JohnDoe with the domain MyDomain.lan

WebDesigner.InstallerCMD.exe /prov "QBM.AppServer.Client.ServiceClientFactory, QBM.AppServer.Client" /conn "URL=https://test.lan/IdentityManagerAppServer/" /site "Default Web Site" /appname testviaappserver /authprops "Module=DialogUser;User=testadmin;Password=" -w /updateuser JohnDoe /updateuserdomain MyDomain.lan /updateuserpassword topsecret

Example of uninstalling the web application with a connection against an application server

WebDesigner.InstallerCMD.exe /prov "QBM.AppServer.Client.ServiceClientFactory, QBM.AppServer.Client" /conn "URL=https://test.lan/IdentityManagerAppServer/" /appname testviaappserver /authprops "Module=DialogUser;User=testadmin;Password=" -R

Example for the processing of authentication settings for a sub project

WebDesigner.ConfigFileEditor.exe -constAuth ../web.config "test_UserRegistration_Web" "Module=DynamicPerson;User[test_USER]=xyz;(Password)Password[test_Password]=xyz;(Hidden)IgnoreMasterIdentities=;(Hidden)Product=Manager"

VI.WebDesigner.CompilerCmd.exe

With the program VI.WebDesigner.CompilerCmd.exe, you can compile the Web Portal using the command line console.

Calling syntax

VI.WebDesigner.CompilerCmd.exe /conn {Connection string} /dialog {Authentication string} /project {path} [/solution {path}] [/mode {mode}] [-E] [-D] [-R] [/csharpout {folder}]

Table 61: Program parameters

Parameter

Description

/Conn

Database connection parameter.

/dialog

Authentication data. The authentication data depends on the authentication module used. For detailed information about the One Identity Manager authentication modules, see the One Identity Manager Authorization and Authentication Guide.

/project

Name of the web project.

/solution

Optional parameter. This parameter specifies the Web Designer solution file to be used. If this parameter is not available, a database project is used.

/mode

Optional parameter. This parameter enables you to specify a compilation mode. Permitted values are:

  • normal : Full compilation (default mode)
  • nostore : No assemblies saved to the database.
  • nocompile : C# code generation runs, but without compilation.
  • nocodegen : Only Web Designer compilation, no C# code generation.

-E

Optional parameter. This parameter activates the detailed check.

For more information about the detailed check, see the One Identity Manager Web Designer Reference Guide.

-D

Optional parameter. This parameter activates the debug compilation.

-R

Optional parameter. This parameter activates the generation of a stable C# text. This setting prevents use of certain random values.

/csharpout {folder}

Optional parameter. This parameter contains the target directory for C# text.

/help

Program help.

Example based on release compilation of the VI_StandardWeb

VI.WebDesigner.CompilerCmd.exe/conn "Data Source=<Database server>;Initial Catalog=<Database name>; User ID=<Database user>; Password=<Password>" /dialog "Module=DialogUser;User=<User name>;Password=<Password>" /project VI_StandardWeb

Example based on debug compilation of the VI_User_Registration_Web

VI.WebDesigner.CompilerCmd.exe /conn "Data Source=<Database server>;Initial Catalog=<Database name>; User ID=<Database user>; Password=<Password>" /dialog "Module=DialogUser;User=<User name>;Password=<Password>" /project VI_UserRegistration_Web -D

NOTE: Unlike the default settings in the Web Designer, subprojects are not compiled at the same time. This means that when the VI_StandardWeb is compiled, the dI_UserRegistration_Web is not also compiled at the same time.

AppServer.Installer.CMD.exe

The AppServer.Installer.CMD.exe program supports installing and uninstalling of application servers. You can run the program from the command line.

NOTE: Run the installation using the command line console in administrator mode.

Calling syntax for installation

AppServer.Installer.CMD.exe --conn={Connection string} --auth={Authentication string} --appname={Application name}

[--site={Site}] [--app-pool={Application pool}] [--source-dir={Directory}] [--deployment-target={Machine role}] [--allow-http] [--windows-auth] [--db-windows-auth] [--skip-file-permissions] [--runtime-connection={Connection string}] [--hdb-connection={History Database ID|Connection string}]

[/updateuser {User name} [/updateuserdomain {Domain}] [/updateuserpassword {Password}]]

[

--cert-mode=existing --cert-thumbprint={Thumbprint}

|

--cert-mode=new --cert-issuer {Issuer} [--cert-key=1024|2048|4096]

|

--cert-mode=newfile --cert-issuer {Issuer} [--cert-key=1024|2048|4096] [--cert-file={Path to certificate file}]

]

[--set-connection] [--conn-id={History Database ID}]

[--verbose]

Calling example for installing

AppServer.Installer.CMD.exe --conn="Data Source=<Database server>;Initial Catalog=<Database name>;User ID=<Database user>;Password=<Password>" --auth="Module=DialogUser;User=<User name>;Password=<Password>" --appname=MyApplicationServer --allow-http

Calling syntax for uninstalling

AppServer.Installer.CMD.exe --conn={Connection string} --auth={Authentication string} --appname={Application name} --uninstall

Calling example for uninstalling

AppServer.Installer.CMD.exe --conn="Data Source=<Database server>;Initial Catalog=<Database name>;User ID=<Database user>;Password=<Password>" --auth="Module=DialogUser;User=<User name>;Password=<Password>" --appname=MyApplicationServer --uninstall

Calling example for changing the application server’s connection parameters

AppServer.Installer.CMD.exe --set-connection --appname=MyApplicationServer --conn="Data Source=<Database server>;Initial Catalog=<Database name>;User ID=<Database user>;Password=<Password>"

Calling example for changing a History Database‘s connection parameters

AppServer.Installer.CMD.exe --set-connection --appname=MyApplicationServer --conn-id=<History Database ID> --conn="Data Source=<Database server>;Initial Catalog=<Database name>;User ID=<Database user>;Password=<Password>"

Table 62: Program parameters

Parameters

Alternative

Description

--conn

--connection|

-c

Database connection parameter. To install an application server you require at least one user with the Configuration user access level.

For more detailed information about permissions, see the One Identity Manager Installation Guide and the One Identity Manager Authorization and Authentication Guide.

--auth

--auth-props|-a

Authentication data for the installation. The authentication data depends on the authentication module used.

For detailed information about the authentication modules, see the One Identity Manager Authorization and Authentication Guide.

--appname

 

Application name.

--site

 

(Optional) Website on the Internet Information Services where the application is installed. If the parameter is not set, Default Web Site is used (default).

--app-pool

 

(Optional) Application pool. If this parameter is set, the installation is performed in the specified application pool. If this parameter is not set, a new application pool is installed (default).

--source-dir

-s

(Optional) Installation source. If this parameter is set, the installation is performed from the file system. If this parameter is not set, the installation is performed from the database (default).

--deployment-target

-t

(Optional) Machine role for the installation. This parameter can be used more than once. Alternatively, multiple machine role can be separated with a pipe [|]. If this parameter is not set, the Server | Web | Appserver machine role is used.

--allow-http

 

(Optional) If the parameter is set, HTTP is permitted. If this parameter is not available, HTTPS is used (default).

--windows-auth

-w

(Optional) Type of authentication used for the web application. If this parameter is set, Windows authentication is used. If this parameter is not set, anonymous authentication is used on IIS (default).

--db-windows-auth

 

(Optional) Type of authentication used for the One Identity Manager database. If this parameter is set, Windows authentication is used. If this parameter is not set, the SQL login from the connection parameters is used.

--skip-file-permissions

-f

(Optional) If this parameter is set, no permissions are allocated for the IIS_USRS user. If this parameter is not set, the permissions are allocated for the IIS_USRS user (default).

--runtime-connection

--run-conn

(Optional) Database connection parameters used as authentication for the One Identity Manager database, for example, if the application server is run with the end user access level. If this parameter is not set, the SQL Server login from the connection parameters is used for the installation (default).

--update-user

 

(Optional) User for updating. If no user is given, the same user account is used for the application pool.

--update-user-domain

 

Active Directory domain of the user.

--update-user-password

 

User password.

--cert-mode

 

(Optional) Type of certificate selection. Permitted values are:

  • existing: Uses an existing certificate.

  • new: Uses a new certificate.

  • newfile: Creates a new certificate file. (default)

--cert-thumbprint

 

Thumbprint of the certificate if an existing certificate is used.

--cert-issuer

 

Issuer of the certificate if a new certificate or a new certificate file is created. Example: "CN=Application Server"

--cert-key

 

Length of the certificate’s key 1024, 2048 (default), and 4096 are permitted.

--cert-file

 

(Optional) Directory path and name of the certificate file if a new certificate file is created. If this parameter is not set, "App_Data\SessionCertificate.pfx" is used.

--hdb-connection

 

(Optional) History Database connection parameter. This value is a combination of the ID and the connection parameter (pipe (|) delimited). Example: “<History Database ID>|key1=value1;key2=value2;...”

--set connection

-S

Changes the connection parameters for an installed application.

--conn-id

 

(Optional) Connection parameter identifier. If this parameter is not set, the application server’s own connection parameters are used.

--uninstall

-R

Removes the application server.

--verbose

-v

Detailed log of exception errors.

--help

-h, -?

Display program help.

Parameter formats:

Multiple-character options can be given in the following forms:

--conn="..."

--conn "..."

/conn="..."

/conn "..."

Single-character options can be given in the following forms:

-c="..."

-c "..."

/c="..."

/c "..."

Switches are allowed in the forms:

-R

/R

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating