Chat now with support
Chat with Support

Identity Manager 8.1.2 - Installation Guide

About this guide One Identity Manager overview Installation prerequisites Installing One Identity Manager Installing and configuring the One Identity Manager Service Automatic updating of One Identity Manager Updating One Identity Manager Installing and updating an application server Installing the API Server Installing, configuring, and maintaining the Web Portal Installing and updating the Manager web application Logging in to One Identity Manager tools Troubleshooting Creating a One Identity Manager database for a test or development environment from a database backup Advanced configuration of the Manager web application Machine roles and installation packages

Configuring the database connection

The current connection settings for the Web Portal can be viewed in the Web Designer Configuration Editor in the Database connection view. You can customize the settings as required.

To select a new database connection

  1. Open the Web Designer Configuration Editor.
  2. In the Database connection view, click the Enter new connection link.
  3. Select the system type and enter the connection data:
    • For the SQL Server system type, enter the following information.

      Table 35: SQL Server database connection data
      Data Description

      Server

      Database server.

      Windows authentication

      Specifies whether integrated Windows authentication is used. This type of authentication is not recommended. If you decide to use it anyway, ensure that your environment supports Windows authentication.

      User

      SQL Server login name.

      Password

      SQL Server login password.

      Database

      Database.

    • For the Application server system type, enter the URL.

NOTE: In the Options menu, select either Test connection or Advanced options as required.

Related topics

Authentication data for the web application

The authentication data for the web project and subprojects is configured in the Web Designer Configuration Editor in the Web project area. For detailed information about the authentication modules, see the One Identity Manager Authorization and Authentication Guide.

Table 36: Authentication data for the web project

Setting

Description

Web project

Name of the web project.

Authentication module

Authentication module for logging on to the web project.

NOTE: Some authentication modules support single sign-on. In such cases, a corresponding message is shown beneath selection.

Perform single sign-on, if an error occurs, using the following module.

If the module selected under Authentication module supports single sign-on, you have the option to specify an alternative authentication method here. This authentication method is used as a fall-back if single sign-on fails for any reason.

Debugging

Activate this option if you want to use a debugging environment.

OAuth

If you use the OAuth 2.0 / OpenID Connect or OAuth 2.0 / OpenID Connect (role-based) authentication modules, make your configuration settings here.

OAuth 2.0 / OpenID Connect configuration

Select the OAuth 2.0 / OpenID Connect configuration that you want to adjust.

Client ID for OAuth authentication

ID of the application on the identity provider.

Example: urn:OneIdentityManager/Web

Issuer information for the OAuth certificate

This is used to find the certificate in the certificate store. Either the thumb nail or the issuer of the certificate is required.

For example: O=[company name], OU=[organizational unit], CN=[server IP]

OAuth Resource

Uniform Resource Name (URN) of the resource to be queried. Only required if the identity provider requires this value.

Thumbprint for the OAuth certificate

Thumbprint of the certificate used to verify the security token. Either the thumb nail or the issuer of the certificate is required.

Endpoint

Uniform Resource Locator (URL) of the certificate end point on the authorization server.

For example: https://certificateServer/certificate.crt

Authentication data for subprojects

Authentication data for subprojects.

To enter or change authentication data for a sub project

  1. Open the Web Designer Configuration Editor.
  2. In the Web project pane, next to the Authentication for sub projects is missing message, click .
  3. In the edit view, click on the project marked in red.
  4. In the Authentication method pane, select the required authentication procedure and enter the required login information.
  5. Click OK.

Logging for the web application

The settings for logging the web application are configured in the Web Designer Configuration Editor in the Log view. This view is divided into:

  • General
  • Application log
  • Event log
  • Database log
Table 37: General settings for logging

Setting

Description

Application

Name of the web application.

Company name

Name of the company that uses the web application.

Product title

Software manufacturer’s product name

Log directory

Directory in which the log files of the web application are saved. The web server process must have write access to this folder.

Table 38: Application log settings

Setting

logging

Severity code

Severity level of the log.

Archive every

Maximum runtime of a log file before it is renamed. When a log file has reached its maximum age, the file is renamed and a new log file is started.

Archive numbering

Specifies whether the archive files of the application log are numbered in ascending or descending order.

Table 39: Event log settings

Setting

Description

Severity code

Severity level of the log.

Table 40: Database log settings

Setting

Description

Severity code

Severity level of the log.

Archive every

Maximum runtime of a log file before it is renamed. When a log file has reached its maximum age, the file is renamed and a new log file is started.

Archive numbering

Specifies whether the archive files of the database log are numbered in ascending or descending order.

Table 41: Permitted severities
Severity Level Description

Off

No information is logged.

Trace Logs highly detailed information. This setting should only be used for analysis purposes. The log file quickly becomes large and cumbersome.
Debug Logs debug steps. This setting should only be used for testing.
Info Logs all information.
Warning Logs all warnings.
Errors Logs all error messages.
Fatal Logs all critical error messages.

Configuring the automatic update for the Web Portal

NOTE: The following permissions are required for automatic updating:

  • The user account for updating requires write permissions for the application directory.
  • The user account for updating requires the local security policy Log on as a batch job.
  • The user account running the application pool requires the Replace a process level token and Adjust memory quotas for a process local security policies.

The automatic update is configured in the Web Designer Configuration Editor in the Automatic update pane.

To configure the automatic update of the web application

  1. Open the Web Designer Configuration Editor.
  2. In the Automatic updates pane, set the Enable automatic updates option.
  3. Define the user account for the automatic update. The user account is used to add or replace files in the application directory.

    • Use IIS credentials for update: Set this option to use the user account under which the application pool is executed for the updates.

    • Use other credentials for updates: To use a different user account, set this option. Specify the domain, the user name, and the user password.

Related topics
Related Documents