Chat now with support
Chat with Support

Identity Manager 9.2.1 - Installation Guide

About this guide One Identity Manager overview Installation prerequisites Installing One Identity Manager Installing and configuring the One Identity Manager Service Automatic updating of One Identity Manager Updating One Identity Manager Installing additional modules for a existing One Identity Manager installation Installing and updating an application server Installing the API Server Installing, configuring, and maintaining the Web Designer Web Portal Installing and updating the Manager web application Logging in to One Identity Manager tools Troubleshooting Advanced configuration of the Manager web application Machine roles and installation packages Configuration parameters for the email notification system How to configure the One Identity Manager database using SQL Server AlwaysOn availability groups

Installing the One Identity Manager Service with the Server Installer

IMPORTANT: If you are working with an encrypted One Identity Manager database, see Tips for working with an encrypted One Identity Manager database.

To set up a Job server, perform the following steps.

  1. Create a Job server and install and configure the One Identity Manager Service.

    Use the One Identity Manager Service to install the Server Installer. The program runs the following steps:

    • Sets up a Job server.

    • Specifies machine roles and server function for the Job server.

    • Installs One Identity Manager Service components corresponding to the machine roles.

    • Configures the One Identity Manager Service.

    • Starts the One Identity Manager Service.

    Use the Server Installer to install the One Identity Manager Service locally or remotely.

    To remotely install the One Identity Manager Service, provide an administrative workstation on which the One Identity Manager components are installed. Ensure that the One Identity Manager components are installed on the server before installing locally. For more information about installing One Identity Manager components, see the One Identity Manager Installation Guide.

  2. If you are working with an encrypted One Identity Manager database, declare the database key in the One Identity Manager Service. For more information about working with an encrypted One Identity Manager database, see the One Identity Manager Installation Guide.

  3. To generate processes for the Job server, you need the provider, connection parameters and the authentication data. By default, this information is determined from the database connection data. If the Job server runs through an application server, you must configure extra connection data in the Designer. For more information about connection data, see the One Identity Manager Configuration Guide.

To install and configure the One Identity Manager Service on a server

  1. Start the Server Installer program.

    NOTE: To install remotely, start the Server Installer program on your administrative workstation. To install locally, start the program on the server.

  1. On the Database connection page, enter the valid connection credentials for the One Identity Manager database.

    You can connect via the application server or directly to connect to the database.

  2. On the Server properties page, specify the server on which you want to install the One Identity Manager Service.

    1. Select a Job server from the Server menu.

      - OR -

      To create a new Job server, click Add.

    2. Enter the following data for the Job server.

      • Server: Name of the Job server.

      • Queue: Name of the queue to handle the process steps. Each Job server within the network must have a unique queue identifier. The process steps are requested by the Job queue using this exact queue name. The queue identifier is entered in the One Identity Manager Service configuration file.

      • Full server name: Full server name in accordance with DNS syntax.

        Syntax:

        <Name of servers>.<Fully qualified domain name>

      NOTE: You can use the Extended option to make changes to other properties for the Job server. You can also edit the properties later with the Designer.

  1. On the Machine roles page specify which roles the Job server is to have in One Identity Manager. Installation packages to be installed on the Job server are found depending on the selected machine role.

  2. On the Server functions page, specify the function of the server in the One Identity Manager environment. One Identity Manager processes are handled with respect to the server function.

    The server's functions depend on which machine roles you have selected. You can limit the server's functionality further here.

  3. On the Service Settings page, enter the connection data and check the One Identity Manager Service configuration.

    NOTE: The initial service configuration is predefined. If further changes need to be made to the configuration, you can do this later with the Designer. For more information about configuring the service, see the One Identity Manager Configuration Guide.

    For a direct connection to the database:

    1. In the module list, select Process collection > sqlprovider.

    2. Click the Connection parameter entry, then click the Edit button.

    3. Enter the connection data for the One Identity Manager database.

    4. Click OK.

    For a connection to the application server:

    1. In the module list, select the Process collection entry and click the Insert button.

    2. Select AppServerJobProvider and click OK.

    3. In the module list, select Process collection > AppServerJobProvider.

    4. Click the Connection parameter entry, then click the Edit button.

    5. Enter the address (URL) for the application server and click OK.

    6. Click the Authentication data entry and click the Edit button.

    7. In the Authentication method dialog, select the authentication module for logging in. Depending on the authentication module, other data may be required, such as user and password. For more information about One Identity Manager authentication modules, see the One Identity Manager Authorization and Authentication Guide.

    8. Click OK.

  4. To configure the installation, click Next.

  1. Confirm the security prompt with Yes.

  2. On the Select installation source page, select the directory with the install files. Change the directory if necessary.

  3. On the Service access page, enter the service's installation data.

    • Computer: Select the server, on which you want to install and start the service, from the menu or enter the server's name or IP address.

      To run the installation locally, select Local installation from the menu.

    • Service account: Enter the details of the user account that the One Identity Manager Service is running under. Enter the user account, the user account's password and password confirmation.

    The service is installed using the user account with which you are logged in to the administrative workstation. If you want to use another user account for installing the service, you can enter it in the advanced options.

    You can also change the One Identity Manager Service details, such as the installation directory, name, display name, and the One Identity Manager Service description, using the advanced options.

  4. Click Next to start installing the service.

    Installation of the service occurs automatically and may take some time.

  5. Click Finish on the last page of the Server Installer.

    NOTE: In a default installation, the service is entered in the server’s service management with the name One Identity Manager Service.

Related topics

Displaying the One Identity Manager Service log file

The One Identity Manager Service log file can be displayed in a browser.

You call up the log file with the appropriate URL:

http://<server name>:<port number>

The default value is port 1880.

Different credentials are expected depending on how the authentication method is configured for displaying the log file.

To open the One Identity Manager Service log file in the Job Queue Info

  1. Start the Job Queue Info program.

  2. In the Server state view, select the Job server and select the Open in browser context menu item.

    The One Identity Manager Service HTTP server for the Job server is queried and the various One Identity Manager Service services are displayed.

  3. To display the contents of the log file, select Log File in the navigation view.

Figure 3: The One Identity Manager Service log file

The messages to be displayed on the web page can be filtered interactively. There is a menu on the website for this. Only text contained in the log file can be displayed in this case. For example, if the message type is Warning, messages with the Info message type cannot also be displayed if the relevant filter is selected.

The log output is color-coded to make it easier to identify.

Table 21: Log file color code
Color Meaning

Green

Processing successful

Yellow

Warnings occurred during processing

Red

Fatal errors occurred during processing

NOTE: If you want to retain the color information to send by email, you need to save the complete web page.

For more information about configuring how the One Identity Manager Service log file is displayed, see the One Identity Manager User Guide for One Identity Manager Tools User Interface.

Changing the user account or start type of the One Identity Manager Service

NOTE:

  • In a default installation, the service is entered in the server’s service management with the name One Identity Manager Service.

  • If you change the One Identity Manager Service's user account, you must save the service's configuration file in the service’s install directory again.

  • If you are working with an encrypted One Identity Manager database, see Tips for working with an encrypted One Identity Manager database.

To customize login data and the way the service is started

  1. Open the service management of the server and select the One Identity Manager Service in the list of services.

  2. Open service properties with the Properties context menu item.

  3. On the General tab, change the start type if necessary.

    The Automatic start type is recommended.

  4. Change the user account under which the service runs on the Login tab.

  5. Click Apply.

  6. Close the service's properties with OK.

  7. Start the service from the context menu item Start.

    If the One Identity Manager Service cannot be started, a corresponding message is written to the server event log.

Related topics

The One Identity Manager Service in a cluster

The idea of a cluster solution is to make the system highly available. The goal is to limit system failure to only a few seconds if a hardware or software component fails. This can be achieved with the installation of a Windows cluster solution (only possible with Enterprise servers). The following diagram shows such a solution.

Figure 4: Example of a cluster solution

This cluster is made up of two physical computers Server A and Server B that use the same disk array and have their own individual system hard drive. Every server has a Windows operating system. Both servers are installed identically so that in the case of failure one server can take over from the other.

All redundant system components are managed by the cluster manager. From an external point of view, the cluster is addressed as a single, virtual server Server C. The service or user that is accessing the service is automatically connected to the physical server that is currently carrying out the work in the cluster.

If one of the servers fails, then the redundant server in the cluster automatically takes over. The virtual server remains the contact partner; only the physical server that is running, changes.

Detailed information about this topic
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating