Chat now with support
Chat with Support

Identity Manager 8.1.2 - Installation Guide

About this guide One Identity Manager overview Installation prerequisites Installing One Identity Manager Installing and configuring the One Identity Manager Service Automatic updating of One Identity Manager Updating One Identity Manager Installing and updating an application server Installing the API Server Installing, configuring, and maintaining the Web Portal Installing and updating the Manager web application Logging in to One Identity Manager tools Troubleshooting Creating a One Identity Manager database for a test or development environment from a database backup Advanced configuration of the Manager web application Machine roles and installation packages

Updating the One Identity Manager database

Automatic version control is integrated into One Identity Manager, ensuring that One Identity Manager components are always consistent with each other and with the database. If program extensions that change the structure are implemented - for example, table extensions - the database needs to be updated.

You need to update the database if hotfixes and service packs are available for the version of One Identity Manager you are currently running or for complete version updates. In addition, customer-specific changes must be transferred from a development database into the test database and into the production system database.

IMPORTANT: Test changes in a test system before you load a transport package in a productive system.

You can customize the One Identity Manager schema by loading so-called transport packages. One Identity Manager recognizes the following types of transport packages that can be copied to the database depending on requirements.

Table 27: Transport package
Transport package type Description Tool used

Migration package

Migration packages are provided by for the initial database schema installation, for service pack and complete version updates. A migration package contains all the necessary tables, data types, database procedures, and the default One Identity Manager configuration.

Configuration Wizard

Hotfix package

Hotfix packages are provided to load individual corrections to the default configuration such as templates, scripts, processes, or files into the database.

NOTE: If a hotfix package only contains changed files, load these files into the database using the Software Loader file.

Database Transporter

Software Loader

Custom configuration package

A custom configuration package is used to exchange customer specific changes between the development, test, and productive system database. This transport package is created by the customer and loaded into the database.

Database Transporter

NOTE: If, in additional to a hotfix package, there are additional customized configuration settings to be installed in a One Identity Manager database, create a custom configuration package and use the Database Transporter to import it into the target database. There is no support for merging a hotfix package with a custom configuration package into one transport package.

Related topics

Advice on updating the One Identity Manager database

  • Test changes in a test system before you load a migration package in a production system. Use a copy of the production database for testing.

  • Before you update the One Identity Manager schema, ensure that the administrative system user, who is going to compile the database, has a password. Otherwise the schema update cannot be completed successfully.

  • Use the Configuration Wizard to update the One Identity Manager database if you have received a service pack or complete version update. The Configuration Wizard carries out the update of the schema and transfers the current status to the version history.

  • For One Identity Manager databases on SQL Servers, it is recommended, on performance grounds, that you set the database to the Simple recovery model for the duration of the schema update.

  • Start Configuration Wizard on an administrative workstation.

  • Select a user who has at least administrative permissions for the One Identity Manager database to update the One Identity Manager schema with the Configuration Wizard.

    • Use the same user that you used to initially install the schema.

    • If you created an administrative user during schema installation, use that one.

    • If you selected a user with Windows authentication to install the schema, you must use the same one for updating.

NOTE: If you want to switch to the granular permissions concept when you upgrade from version 7.0.x, 7.1.x or 8.0.x to 8.1.2, you will also require an installation user in accordance with Users with granular permission for the One Identity Manager database on an SQL Server.

After updating One Identity Manager, change the connection parameters. This affect the connection credentials for the database (DialogDatabase), for example, the One Identity Manager Service, the application server, administration, and configuration tools, web applications and web services, and the connection credentials in synchronization projects.

If you want to switch to granular permissions when you update from 8.1.x, contact support. To access the Support Portal, go to https://support.oneidentity.com/identity-manager/.

  • For the period of the update, the database is set to single user mode. Close all existing connections to the database before starting the schema update.

  • After the update has completed, the database switches automatically to multi-user mode. If this is not possible, you receive a message in which you can manually switch to multi-user mode.

  • You may experience problems activating single-user mode when using database mirroring.

  • During the update, calculation tasks are queued in the database. These are processed by the DBQueue Processor. Processing calculation tasks may take some time depending on the amount of data and system performance.

    This is particularly the case if you save large amounts of historical data in the One Identity Manager database, such as change data or data from process handling.

    Therefore, ensure that you have configured an appropriate procedure for archiving the data before you update the database. For more information about archiving data, see the One Identity Manager Data Archiving Administration Guide.

  • To ensure that HTML applications are successfully compiled, you must download packages from the NPM repository. Ensure that the workstation you are compiling on, can establish a connection to the registry.npmjs.org:443 website.

    Alternatively, you can download packages from a proxy server and install them manually.

Detailed information about this topic

Updating the One Identity Manager database with the Configuration Wizard

IMPORTANT: Test your changes in a test system before you load a migration package in a productive system. Use a copy of the production database for testing.

NOTE: Always start the Configuration Wizard on an administrative workstation!

To update a database

  1. Start the Configuration Wizard.
  2. On the Configuration Wizard home page, select the Update database option and click Next.
  3. On the Select database page, select the database and installation directory.
    1. Select the database connection in the Select a database connection pane. Select a user who at least has administrative permissions for the One Identity Manager database.

    2. In the Installation source pane, select the directory with the installation files.

  4. Configuration modules and version information are shown on the Product description page.

    1. Select the module you want to update.
    2. Confirm that you have an up-to-date backup of database.
    3. Confirm that the database consistency checks were executed.
    4. Set Add other modules to select other modules.
  5. Select the additional module on the Select configuration modules page.

    NOTE: This page is only shown if you set Add more modules.

    NOTE: If you add more modules, your custom administrative users obtain the permissions for this module.

  6. Other users with existing connections to the database are displayed on the Active sessions page.

    • Disconnect the connections on order to start database processing.
  7. On the Create a new login for administrators page, decide which SQL server login to use for administrative users.

    NOTE: This page is only shown when updating a One Identity Manager database with version 7.0.x, 7.1.x or 8.0.x to version 8.1.2.

    If you want to switch to granular permissions when you update from 8.1.x at a later date, contact support. To access the Support Portal, go to https://support.oneidentity.com/identity-manager/.

    You have the following options:

    • Create new SQL Server logins for the database: Select this option if you want to set up a new administrative login on the SQL Server. Other SQL Server logins with permissions for system configuration and for end users are created after the database has been migrated.

      Enter the login name, password, and password confirmation for the new SQL Server login.

    • Use the current SQL Server login for the database: If you select this option, no other SQL server logins are created for the database. In this case, you cannot work with granular permissions concepts at SQL level. The user you specified is used to connect to the database.

  8. On the Database check page, errors are displayed that prevent the database from being processed. Correct the errors before you continue updating.

  9. The installation steps are shown on the Processing database page. Installation and configuration of the database are automatically carried out by the Configuration Wizard.

    TIP: Set Advanced to obtain detailed information about processing steps and the migration log.

    1. You must log in as an administrative user to compile the system.
      1. Enter a user name and password for the administrative system user.
      2. Click Log in.
    2. Once processing is complete, click Next.
  10. On the Create SQL server logins page, enter the login name, the password, and password confirmation for the SQL Server logins for configuration users and end users.

    NOTE: This page is only shown when updating a One Identity Manager database with version 7.0, 7.1 or 8.0 to version 8.1.2.

  11. You can configure the vendor notification on the page, Configure vendor notification.

    NOTE: This page is only shown of you have not yet enabled vendor notifications.

    If vendor notification is enabled, One Identity Manager generates a list of system settings once a month and sends it to One Identity. This list does not contain any personal data. The list will be reviewed by our customer support team, who will look for material changes in a proactive effort to identify potential issues before they materialize on your system. The lists may be used by our R&D staff for analysis, diagnosis, and replication for testing purposes. We will keep and refer to this information for as long as your company remains on support for this product.

    1. To use the function, set Enable vendor notification and enter your company's contact email address in Email address for contact.

      The email address is used as the sender address for notifying vendors.

    2. Set Disable vendor notification if you do not want to use this functionality.
  12. On the last page of the Configuration Wizard, click Finish.
Related topics

Editing the One Identity Manager database during update with the Configuration Wizard

The One Identity Manager database is updated automatically by the Configuration Wizard. This procedure may take some time depending on the amount of data and system performance.

The Configuration Wizard performs the following steps:

  • Updating the One Identity Manager schema.

    Before the schema installation, the Configuration Wizard checks the database. Error messages are displayed in a separate window. The errors must be corrected manually. The schema update cannot be started until these are resolved.

    All the tables, data types, and database procedures that are required are loaded into the database by the schema update. When a transport package is imported into a One Identity Manager database, the following operations are carried out.

    Table 28: Operations when importing a migration package
    Operations Description
    Insert If the object is not found in the target database, a new object is generated with the key values.
    Refresh If the object is found in the target database, the object is updated.
    Delete Objects that are no longer needed are deleted.

    During a schema update, calculation tasks are queued in the database. These are processed by the DBQueue Processor.

    For a schema update with the Configuration Wizard, the migration date and the migration status are recorded in the transport history of the database.

  • Compiling the system.

    Scripts, templates, and processes are declared in the database. The System user authentication module with the specified system user is used for compilation.

  • Uploading files for automatic software update.

    In order to distribute One Identity Manager files using the automatic software updating mechanism, the files are loaded into the One Identity Manager database.

  • Migration of synchronization projects.

    A process that migrates all existing synchronization project is queued in the Job queue. This updates the One Identity Manager schema and applies automatic patches.

Related topics
Related Documents