Identity Manager 8.1 - Installation Guide

About this Guide One Identity Manager overview Installation prerequisites Installing One Identity Manager Installing and configuring the One Identity Manager Service Automatic updating of One Identity Manager Updating One Identity Manager Installing and updating an application server Installing the API Server Installing, configuring and maintaining the Web Portal Installing and updating the Manager web application Logging in to One Identity Manager tools Error handling Appendix: Creating a One Identity Manager database for a test or development environment from a database backup Appendix: Extended configuration of the Manager web application Appendix: Machine roles and installation packages Appendix: Settings for a new SQL Server database

Installing One Identity Manager components

An installation wizard is available to help you through the installation of One Identity Manager components on workstations and servers.

NOTE: Always start installing administration and configuration tools on an administrative workstation if possible.

To install the One Identity Manager components

  1. Launch autorun.exe from the root directory of the One Identity Manager installation medium.

  2. Switch to the Installation tab, select the edition and click Install.

  3. This starts the installation wizard. On the start page, select the language for the installation wizard.

  4. Confirm the conditions of the license.

  5. On the Installation settings page, enter the following information.

    Table 14: Settings for the installation

    Setting

    Description

    Installation source

    Select the directory containing the installation files.

    Installation directory

    Select the directory in which you want to install the files for One Identity Manager.

    Note: To make further configuration settings, click on the arrow button next to the input field. Here, you can specify whether you are installing on a 64-bit or a 32-bit operating system.

    For a standard installation, no further configuration settings are necessary.

    Select installation modules using the database

    Set this option to load the installation information using the existing One Identity Manager database.

    NOTE: Leave this option empty to install the workstation on which you start the One Identity Manager schema installation.

    Add further modules to the selected edition

    Set this option to add additional One Identity Manager modules to the selected edition

  6. On the Module selection page, also select the modules to be installed.

    NOTE: This page is only shown if you set the option Add more modules to the selected Edition.

  7. Enter the database connection data on Connect to database.

    Note: This page is only shown if you have set the Select installation modules with existing database option.

    1. Select the connection in Select a database connection.

      - OR -

      Click on Add new connection, select a system type and enter connection data.

      Table 15: SQL Server Database Connection Data
      Data Description

      Server

      Database server.

      Windows authentication

      Specifies whether integrated Windows authentication is used. This type of authentication is not recommended. If you decide to use it anyway, ensure that your environment supports Windows authentication.

      User

      SQL Server Login name.

      Password

      SQL Server login password.

      Database

      Database.

    2. In the Authentication method area, select the authentication module and enter the logon data for the system user ID.

      Which login data you require depends on the authentication module selected.

  8. On the Assign machine roles page, define the machine roles.

    Note: The machine roles appropriate for the One Identity Manager modules are activated. All machine subroles are selected when you select the machine role. You can deselect individual packages.
  9. On the Change service properties page, you can change the name, display name and the description for installing the One Identity Manager Service.

    NOTE: This page is only shown if you have selected the machine role Server | Job Server.

  10. You can start different programs for further installation on the last page of the install wizard.

    • To perform installation of the One Identity Manager schema, start the Configuration Wizard and follow the instructions of the Configuration Wizard.

      Note: Perform this step only on the work station on which you start the installation of the One Identity Manager schema.

    • To create the configuration of the One Identity Manager Service, start the program Job Service Configuration.

      Note: Execute this step only on servers on which you have installed the One Identity Manager Service.

  1. Click Finish to close the installation wizard.
  2. Close the autorun program.

The One Identity Manager is installed for all user accounts on the workstation or server. In the default installation the One Identity Manager is installed under:

  • %ProgramFiles(x86)%\One Identity (on 32-bit operating systems)
  • %ProgramFiles%\One Identity (on 64-bit operating systems)
Related Topics

Installing the One Identity Manager components on a Windows terminal server

To install One Identity Manager tools on a Windows terminal server you need to ensure that the Windows terminal server has been fully installed and configured. This includes profile handling in particular as well as permissions for Windows terminal server use.

NOTE: Ensure that in an Active Directory Domain, users also have relevant permissions to use the Windows terminal server self.

To install One Identity Manager components on a Windows terminal server

  1. Log in with a user account, which has administrator permissions on the Windows terminal server.

    Log in through a console connection is recommended. For this call, enter the following command:

    Start/Run: mstsc /Console /v:<servername>

    where <servername> must be replaced with the server name of the terminal server (without leading "\").

  2. Open the command line console (CMD.exe) and switch the Windows terminal server into software installation mode with help of the command CHANGE USER /INSTALL.
  3. Start the installation wizard and install the One Identity Manager components as described.
  4. End the software installation mode on the Windows terminal server with the command CHANGE USER /EXECUTE in the command line console.

After the installation is complete, anyone who is an authorized Windows terminal server user can start the One Identity Manager tools and use them.

For more information about software installation on Windows terminal servers, refer to the Windows operating system documentation you are using.

Related Topics

Installing and configuring a One Identity Manager database

To set up the One Identity Manager database, use the Configuration Wizard. The Configuration Wizard executes the following steps.

  1. Installs the One Identity Manager schema in a database.

    The Configuration Wizard can create a new database and install the One Identity Manager schema. Alternatively, the One Identity Manager schema can be installed in an existing database.

  2. Creating the required SQL Server logins and database users with permissions for the administrative user, configuration user and end user.
  3. Creates administrative system users and permissions groups.
  4. Installing and configuring a One Identity Manager Service with direct access to the database for handling SQL processes and automatic server software updates.

NOTE: Further steps are executed in One Identity Manager depending on the Edition and Configuration Wizard modules.

Other steps are required to configure the One Identity Manager database following the schema installation:

  • Configure the database for a test, development or live system.
  • Other system settings may be required for putting individual functions into operation in One Identity Manager.

    Use configuration parameters to configure the behavior of the system's basic settings. One Identity Manager provides default settings for different configuration parameters. Check the configuration parameters and modify them as necessary to suit your requirements.

    Configuration parameters are defined in the One Identity Manager modules. Each One Identity Manager module can also install configuration parameters. You can find an overview of all configuration parameters in Base data | General | Configuration parameters in Designer.

  • In certain circumstances, it is necessary to store encrypted information in the One Identity Manager database. Use the program Crypto Configuration to do this.
  • You can log changes to data and information from process handling in One Identity Manager. All entries logged in One Identity Manager are initially saved in the One Identity Manager database. The proportion of historical data to total volume of a One Identity Manager database should not exceed 25%. Otherwise performance problems may arise. You must ensure that log entries are regularly removed from the One Identity Manager database and archived.

    For more information about process monitoring and process history, see the One Identity Manager Configuration Guide. For more information about archiving data, see the One Identity Manager Data Archiving Administration Guide.

Detailed information about this topic
Related Topics

Notes on setting up a One Identity Manager database

  • The following prerequisites must be fulfilled on the workstation from which you want to start the One Identity Manager database setup:

    • Installing the Configuration Wizard

      Use the install wizard to install the program. To do this, select the Workstation machine role and the Configuration installation package in the installation wizard.

    • Access to the installation sources

      NOTE: If you copy the installation files to a repository, you must ensure that the relative directory tree remains intact.

    • To ensure that HTML applications are be successfully compiled, you must download packages from the NPM repository. Ensure that the workstation you are compiling on, can establish a connection to the website registry.npmjs.org:443.

      Alternatively, you can download packages from a proxy server and install them manually.

  • An installation user with permissions for installing a One Identity Manager database must exist. For more information, see Permissions for the One Identity Manager database.

  • It is not recommended to select a user with Windows authentication for installing the database. If you decide to use it anyway, ensure that your environment supports Windows authentication. You mus use the same user to update the database.
  • If you want to install the One Identity Manager schema in an existing database, ensure that the database has the required settings. For more information, see Database server settings and the One Identity Manager database and Appendix: Settings for a new SQL Server database.

  • Always start Configuration Wizard on an administrative workstation.

  • The program executes remote installation of One Identity Manager Service. Remote installation is only supported within a domain or a trusted domain.

  • If you start the Configuration Wizard on a server on which you also want to configure a One Identity Manager Service, simply skip the section for installing the service on the local server in the Configuration Wizard. Install the One Identity Manager Service with the installation wizard in this case. For more information, see Installing and configuring the One Identity Manager Service.

  • If you are working with an encrypted One Identity Manager database, see Notes on working with an encrypted One Identity Manager database.

Related Documents