Chat now with support
Chat with Support

We are currently experiencing issues on our phone support and are working diligently to restore services. For support, please sign in and create a case or email supportadmin@quest.com for assistance

Identity Manager 8.2.1 - Installation Guide

About this guide One Identity Manager overview Installation prerequisites Installing One Identity Manager Installing and configuring the One Identity Manager Service Automatic updating of One Identity Manager Updating One Identity Manager Installing additional modules for a existing One Identity Manager installation Installing and updating an application server Installing the API Server Installing, configuring, and maintaining the Web Designer Web Portal Installing and updating the Manager web application Logging in to One Identity Manager tools Troubleshooting Advanced configuration of the Manager web application Machine roles and installation packages Configuration parameters for the email notification system How to configure the One Identity Manager database using SQL Server AlwaysOn availability groups

Security settings of the Manager web application

In the Security pane of the Manager Web Configuration Editor, you define several important settings that influence the security of the Manager web application.

Table 43: Meaning of configuration settings for security
Setting Description

Staging

Default configuration of the staging environment. This setting also affects other configuration groups. Permitted values are:

  • Production: Recommended setting for all live installations.

  • Test: Setting, if the application was installed for test purposes.

  • Development: Setting, if the application was installed in a development environment.

  • Custom: Setting, if all settings are made manually.

Invalid session response delay

Time in seconds that a client sided request with false session data is blocked. This setting prevents possible "Brute force" access attempts.

Permit login without cookies

The application uses session cookies to secure client-server communication. Set this setting to allow user login without cookies. This would be the case, for example, if cookies were forbidden in a company network.

NOTE: It is not recommended to enable this setting.

Close browser window after logout

Specifies whether the browser window is closed after logging out. If this setting is enabled, the application tries to close the user's browser window after logging out. This function is not supported by every browser or only when the browser prompts.

NOTE: By default, use of SSL is disabled. SSL can now be optionally enabled. To do this, insert the following entry in the application section of the Manager web application's configuration file (Web.config).

<add key="AllowSSL" value="True" />

Debug settings of the Manager web application

The Debugging pane of the Manager Web Configuration Editor contains useful settings for troubleshooting in the Manager web application. Normally, you cannot configure anything here.

Table 44: Meaning of configuration settings for debugging
Setting Description

Log mode

The amount of data to be logged.

NOTE: When the application is in productive operation, Normal should be set.

Enable documentation mode

Specifies whether additional data is displayed in the application interface, for example, the name of the active form. The effect depends on the visualization selected.

NOTE: This setting should not be enabled in a live environment.

Enable SQL log

Specifies whether the all database instructions are logged. The log is written in the SQL log directory.

NOTE: This setting should not be enabled in a live environment.

Show ASP.Net error messages

Specifies whether ASP.Net's own error messages are shown.

NOTE: This setting should not be enabled in a live environment.

Enable test mode

Specifies whether automatic tests are supported.

NOTE: This setting should not be enabled in a live environment.

Related topics

Performance settings of the Manager web application

In the Performance pane of the Manager Web Configuration Editor, you define several important settings that influence the performance of the Manager web application.

Table 45: Meaning of configuration settings for performance

Setting

Description

Load balancing

The mode of integrated load balancing. In most cases, DistributeEqually should be selected.

Maximum workload

Maximum number of user sessions an application accepts. The application can be installed multiple times if a large number of sessions is required because system resources for each application process are limited.

Force maximum workload

The value in Maximum workload is overridden is this setting is not set. However, it is used as a threshold value for the DistributeSuccessively load balancing method.

Compress HTTP transfer

Specifies whether use of compression for HTTP communication is set.

NOTE: Compression of HTTP communication must also be configured for Internet Information Services. For more information see the Web server documentation.

Host segmentation

Specifies host segmentation. This setting allows distribution of client sided requests to several server addresses representing aliases for the web front-end. This bypasses some of the browser limitation and can therefore shorten loading time if the network connection is bad.

Related topics

Settings for downloading the Manager web application

To enable the download of larger files, the Manager web application requires a directory in which the download can be made available to the user. This effects reports, for example, which are generated by the application and saved as PDF by the user. You can edit the settings in the File download pane of the Manager Web Configuration Editor.

Table 46: Meaning of the configuration settings for the file download
Setting Description

Enable file download

Specifies whether file download is enabled. Enable this setting to allow larger files, such as reports, to be downloaded. If file download is not set, certain functions are not available.

Download directory

Directory for the application to use to make download available. The application requires full permissions to this directory.

Cleanup interval

Time in minutes search for and remove redundant files.

Supply time

Time in minutes before download is available to the user. Once a download has been initiated, the application cannot verify when and if the download was run by the user so that the download must be stopped after a set time interval.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating