Identity Manager 8.0 - Installation Guide

About this Guide One Identity Manager Overview Installation Prerequisites Installing the One Identity Manager Installing and Configuring the One Identity Manager Service Updating the One Identity Manager Installing and Updating a One Identity Manager Application Server Installing, Configuring and Maintaining the Web Portal Installing the Operations Support Web Portal Installing and Updating the Manager Web Application Logging into One Identity Manager Tools Troubleshooting Appendix: One Identity Manager Authentication Modules Appendix: Creating a One Identity Manager Database for a Test or Development Environment from a Database Backup Appendix: Manager Web Application Extended Configuration Appendix: Machine Roles and Installation Packages Appendix: Settings for a New SQL Server Database

Re-encrypting Database Data

Re-encrypting Database Data

Use this method when you mark more database columns with the option Encrypted and the database is already encrypted.

NOTE: It is recommended that you create a backup before encrypting the database information in a database. Then you can restore the previous state if necessary.

To repeat One Identity Manager database encryption using an existing database key

  1. Open Launchpad and select Encrypt database. This starts the program "Crypto Configuration".
  2. Click Next on the start page.
  3. Enter valid connection credentials for the One Identity Manager database on the New database connection page and click Next.
  4. Select Encrypt using existing key on the Select action page and click Next.

    This establishes which data is encrypted.

  5. The data is displayed on the Convert database page.
    1. Click Convert.
    2. Confirm the following two security questions with Yes.

      The data encryption is started. Conversion progress is displayed.

    3. Click Next.
  6. Click Finish on the last page to end the program.
Related Topics

Decrypting Database Data

Decrypting Database Data

NOTE:You need the file with the database key for this.

NOTE: It is recommended that you create a backup before encrypting the data in a database. Then you can restore the previous state if necessary.

To decrypt the One Identity Manager database

  1. Open Launchpad and select Encrypt database. This starts the program "Crypto Configuration".
  2. Click Next on the start page.
  3. Enter valid connection credentials for the One Identity Manager database on the New database connection page and click Next.
  4. Select Decrypt data on the Select action page and click Next.

    This establishes which data is encrypted.

  5. The data is displayed on the Convert database page.
    1. Click Convert.
    2. Confirm the following two security questions with Yes.

    3. The data encryption is started. Conversion progress is displayed.

    4. Select the file (*.key) with the old database key using the file browser.
    5. Click Open.

      The file browser is closed. The data decryption is started. Conversion progress is displayed.

    6. Click Next.
  6. Click Finish on the last page to end the program.
Related Topics

Advice for Working with an Encrypted One Identity Manager Database

Advice for Working with an Encrypted One Identity Manager Database

If you encrypt a One Identity Manager database, you must declare the database key to the One Identity Manager Service.

 CAUTION: If the One Identity Manager Service finds a private key on start up, it places it in the key container and deletes the file from the hard drive. So save the private key at another location in addition to the service install directory!

To declare the database key

  • Declare the following information in the One Identity Manager Service configuration file. Use Job Server Editor in Designer or the program "Job Service Configuration" to edit the configuration file.
    Table 29: Configuration of One Identity Manager Service for Encryption
    Configuration Module Parameter Meaning

    JobServiceDestination

    File with private key (PrivateKey)

    Enter the file with the encryption information. The default file is private.key.

    JobServiceDestination

    Encryption scheme (EncryptionScheme)

    Specify the encryption scheme you want to use

  • Save the key file created in the service’s install directory.
  • Open the services utility and restart the service "One Identity Manager Service".

NOTE: The file with the private key must exist in the server's installation directory on all servers with an active One Identity Manager Service.

NOTE: If you change the One Identity Manager Service user account, you must save the key file in the service’s install directory again.

Detailed information about this topic

Vendor Notification in One Identity Manager

Vendor Notification in One Identity Manager

Give us the opportunity to keep you up-to-date. The interfaces to other systems are being developed continually. Enable vendor notifications to receive news about important program updates for your system.

If vendor notification is enabled, One Identity Manager generates a list of system settings once a month and sends it to One Identity. This list does not contain any personal data. The list will be reviewed by our customer support team who will look for material changes in a proactive effort to identify potential issues before they materialize on your system. The lists may be used by our R&D staff for analysis, diagnosis, and replication for testing purposes. We will keep and refer to this information for as long as your company remains on support for this product.

 NOTE: You may review the most recent list at any time from in the Help | Info... menu.
Detailed information about this topic
Related Documents