Chat now with support
Chat with Support

Identity Manager 8.2 - Installation Guide

About this guide One Identity Manager overview Installation prerequisites Installing One Identity Manager Installing and configuring the One Identity Manager Service Automatic updating of One Identity Manager Updating One Identity Manager Installing additional modules for a existing One Identity Manager installation Installing and updating an application server Installing the API Server Installing, configuring, and maintaining the Web Designer Web Portal Installing and updating the Manager web application Logging in to One Identity Manager tools Troubleshooting Advanced configuration of the Manager web application Machine roles and installation packages Configuration parameters for the email notification system Configuring deployment of One Identity Manager with SQL Server AlwaysOn availability groups

Troubleshooting

For more information, see the One Identity Manager Process Monitoring and Troubleshooting Guide.

Displaying the transport history and testing the One Identity Manager version

During a schema installation or schema update using the Configuration Wizard, the migration date and migration version are recorded in the database transport history.

When you import a transport package with the Database Transporter, the import date and description, the database version, and the transport package name are recorded in the transport history of the target database.

To display transport history

  • Start the Designer and select the Help > Transport history menu item.

To obtain an overview of the system configuration

  • Start the Designer or the Manager and select the Help > Info menu item.

    The System information tab provides an overview of your current system administration and the installed modules with their versions.

    IMPORTANT: You will need to provide this information if you contact the Support Team.

    NOTE: If you have enabled vendor notification, this report is sent once a month to One Identity.

Related topics

Error messages logging in to One Identity Manager tools

Problem

When logging in to a One Identity Manager tool, the following error message appears:

[810284] Failed to authenticate user.

[810015] Login for user {0} failed.

[810017] Wrong user name or password.

Possible cause

  • The specified user is not supported by the selected authentication module.

  • The specified password is incorrect.

  • The user account used for the login is locked.

  • The employee used to log in is temporarily or permanently deactivated.

  • The employee used for log in is classified as a security threat.

Possible solutions

  • Check your login credentials.

  • Check if the employee being used to log in is locked. In the Manager, use the following menu items in the Employees category.

    • Inactive employees: This displays temporarily and permanently deactivated employees.

    • Security incidents: This displays the employees who are classified as security threats.

    • Locked employees: This displays employees that have exceeded the maximum number of failed logins and have been locked out.

  • Check if the system user used to log in is locked. Locked system users are displayed in the Designer in the Permissions > System users > Locked system users category.

For more information about deactivated employees, see the One Identity Manager Identity Management Base Module Administration Guide.

You can reset the passwords of employees and system users who have been blocked in Password Reset Portal. This unlocks the employees and system users again. For more information, see the One Identity Manager Web Designer Web Portal User Guide and the One Identity Manager Web Application Configuration Guide.

Problem

When logging in to a One Identity Manager tool, the following error message appears:

[810374] You are not allowed to run this application.

Cause

The One Identity Manager tools can only be started if the user has the relevant program function permissions. You are logging in with a system user ID that does not have the required permissions to start the program.

Possible solutions

  • Use a system user ID that has permissions to use the required program function to start the program.

  • Provide the system user with the required program function.

    • In the Designer, search in the Permissions > Program functions category for the permissions group that has the required program functionality.

    • For non role-based login: Add the system user to the permissions group in the Designer under Permissions > System users.

    • For role-based logins: Ensure that the user is assigned to the application role that contains the program function.

For more information about the One Identity Manager authentication modules, permissions groups and application roles, as well as program functions, see the One Identity Manager Authorization and Authentication Guide

Error messages when installing and updating the One Identity Manager database

Before the installation or update of the One Identity Manager database starts, the Configuration Wizard checks the settings of the database server and the database required for the installation and operation of the One Identity Manager database. For more information, see Settings for the database server and the One Identity Manager database on a SQL Server.

Some of these settings are corrected by the Configuration Wizard. If the correction is not possible, a corresponding message is issued in Configuration Wizard. In this case, correct the errors manually.

Table 40: Messages in the Configuration Wizard before starting the installation or update of a database

Message

Solution

The SQL Server Agent did not start.

Start the SQL Server Agent in the SQL Server Service Management Portal. You can log in to a SQL Server Agent both with a domain user account (Domain users) with Windows authentication as well as with a local system account.

The database collation setting is not valid. SQL_Latin1_General_CP1_CI_AS is required.

Set the Sort order (collation) database property to the value SQL_Latin1_General_CP1_CI_AS.

The migration cannot be carried out because a replication is currently running.

For more information, see Database errors when migrating a database in SQL Server AlwaysOn availability groups or database mirroring.

The value in DialogDatabase.DataOrigin is invalid. Start by running a database compilation.

Use the Database Compiler to regenerate a database ID and to compile the database. All parts of the database need to be recompiled. Make sure that all the code snippets and all processes are marked.

The Service Broker cannot be activated because other users are still active.

End other user’s connections to the database.

The database has no data-file group for in-memory OLTP.

Use the repair method to create a data-file group.

The database has not defined a file in the data-file group for in-memory OLTP.

Use the repair method to create a database file. The file is created in the directory of the data file (*.mdf).

The SQL Server has not activated in-memory OLTP.

Set the Is XTP Supported database server property value to True.

The Arithmetic Abort enabled database property is not enabled.

Set the Arithmetic Abort enabled database property value to True.

The Quoted Identifiers Enabled database property is not activated.

Set the Quoted Identifiers Enabled database property value to True.

You cannot run a migration if the recovery model is not Simple.

Set the Recovery model database property value to Simple.

The transaction mode cannot be set because other users are active.

End the connections of other users to the database.

The Job queue and/or the DBQueue is not empty. Refer to the documentation for additional information and suggested solutions for this test.

Ensure that the Job queue processes and task in the DBQueue have been processed before starting the update. Use the Job Queue Info program to monitor process handling. For more information, see the One Identity Manager Process Monitoring and Troubleshooting Guide.

The Configuration Wizard has the option to ignore this message. Only use this option in test or development environments. By updating the database, modifications may be made that result in not being able to handle the processes anymore.

The viadmin system user must have a valid password that is not empty.

Make sure that the system user has a valid password.

At least one Agent job has a different owner to that of the current user. This can lead to errors if the DBQueue Processor is stopped.

Select a user who has at least administrative permissions for the One Identity Manager database to update the One Identity Manager schema with the Configuration Wizard.

  • Use the same user that you used to initially install the schema.

  • If you created an administrative user during schema installation, use that one.

  • If you selected a user with Windows authentication to install the schema, you must use the same one for updating.

The database has the status 'Initialmigration'. Therefore the Configuration Wizard cannot be run.

The initial schema installation of the database was not completely finished. This may have different reason. For example, the database or failover cluster could not be reached during the schema installation.

Create a new database and rerun the initial schema installation. For more information, see Installing and configuring a One Identity Manager database.

The SQL Server login specified in QBMDBPrincipal.LoginName does not exist.

Use the repair method to create the SQL Server login.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating