You should set up your own database user to use the database. You can create the database user with the
or manually.
|
NOTE: The database users involved, must get their permissions directly. When the permissions are assigned through database roles it may lead to Oracle errors when data queries are executed because of permission restrictions. |
The following permissions are required for an Oracle Database installation
Permission |
Required For |
---|---|
GRANT ALTER SESSION TO <user> |
Changing own user session settings. |
GRANT ANALYZE ANY TO <user> |
The permissions are used to execute the procedure DBMS_STATS.FLUSH_DATABASE_MONITORING_INFO while calculating statistics , These permissions are not required if no statistics are being determined. |
GRANT CONNECT TO <user> |
Connecting database. |
GRANT CREATE JOB TO <user> |
Creating database schedules. |
GRANT CREATE PROCEDURE TO <user> |
Creating schema objects. |
GRANT CREATE SEQUENCE TO <user> |
Creating schema objects. |
GRANT CREATE SYNONYM TO <user> |
Creating schema objects. |
GRANT CREATE TABLE TO <user> |
Creating schema objects. |
GRANT CREATE TRIGGER TO <user> |
Creating schema objects. |
GRANT CREATE TYPE TO <user> |
Creating schema objects. |
GRANT CREATE VIEW TO <user> |
Creating schema objects. |
GRANT EXCEUTE ON DBMS_PIPE TO <user> |
Communication of single processing steps concurrently with the DBQueue Processor main routine. |
GRANT EXECUTE ON DBMS_CRYPTO TO <user> |
Access to package for general encryption routines. |
GRANT EXECUTE ON DBMS_LOCK TO <user> |
Uses the sleep method for relaying processing in the DBQueue Processor, for example, to wait for single processing steps to end. |
GRANT SELECT ON GV_$OSSTAT TO <user> |
Loading information about the current server version. |
GRANT SELECT ON GV_$SESSION TO <user> |
Loading data from the current session. These permissions are also required to switch the database into single-user mode. |
The One Identity Manager Service log files can be displayed through an HTTP server (http://<server name>:<port number>).
A user must have the appropriate permissions in order to open an HTTP server. The administrator must grant URL approval to the user to do this. This can be executed with the following command line call:
netsh http add urlacl url=http://*:<port number>/ user=<domain>\<user name>
If the One Identity Manager Service has to run under the Network Service (NT Authority\NetworkService) user account, explicit permissions for the internal web service must be granted under Windows Server 2008 (R2). This can be executed with the following command line call:
netsh http add urlacl url=http://<IP address>:<port number>/ user="NT AUTHORITY\NETWORKSERVICE"
The result can also be verified using the following command line call:
netsh http show urlacl
One Identity Manager is made up of several components that can be executed in different network segments. In addition, One Identity Manager requires access to various network services, which can also be installed in different network segments. You must open various ports depending on which components and services you want to install behind the firewall.
The following ports are required:
Default port | Description |
---|---|
SQL Server: 1433 Oracle: 1521 |
Port for communicating with the database. |
1880 |
Port for the HTTP based protocol of the One Identity Manager Service. |
2880 |
Port for access tests with the Synchronization Editor. |
80 |
Port for accessing web applications. |
88 |
Kerberos authentication system. (if Kerberos authentication is implemented). |
135 | Microsoft EPMAP (End Point Mapper) (also DCE/RPC Locator Service) |
137 | NetBIOS Name Service |
139 | NetBIOS Session Service |
Other ports for connecting to target systems are also required. These ports are listed in the corresponding guides.
The following steps are required to install One Identity Manager.
|
NOTE: Several SQL processing servers can be set up to spread the load of SQL processes. |
|
NOTE: You can proceed with setting up an SQL processing server and the update server using the Configuration Wizard. For more information, see Installing the One Identity Manager Service for the Database. |
You can also install the following:
Install more Web services like SPML Web service or SOAP Web Service.
For detailed information about installing the web service, see the One Identity Manager Configuration Guide.
You can install and update One Identity Manager on the following types.
Fore more detailed information about updating the One Identity Manager, see Updating One Identity Manager.
© 2021 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy