Chat now with support
Chat with Support

We are currently experiencing issues on our phone support and are working diligently to restore services. For support, please sign in and create a case or email supportadmin@quest.com for assistance

Identity Manager 9.0 LTS - Installation Guide

About this guide One Identity Manager overview Installation prerequisites Installing One Identity Manager Installing and configuring the One Identity Manager Service Automatic updating of One Identity Manager Updating One Identity Manager Installing additional modules for a existing One Identity Manager installation Installing and updating an application server Installing the API Server Installing, configuring, and maintaining the Web Designer Web Portal Installing and updating the Manager web application Logging in to One Identity Manager tools Troubleshooting Advanced configuration of the Manager web application Machine roles and installation packages Configuration parameters for the email notification system How to configure the One Identity Manager database using SQL Server AlwaysOn availability groups

Maintenance mode

To carry out maintenance work, switch the web application to maintenance mode. You use maintenance mode, for example, to enable an update at a particular time.

No new sessions are permitted in maintenance mode. Current sessions are not affected. While maintenance work is being performed, users who view the web application are displayed the contents of the Maintenance.html file, which is located in the installation directory of the web application. You can edit this file to display details of the maintenance work for the user.

To switch the web application to maintenance mode

  1. Open the Runtime Monitor in the browser.

  2. On the Status tab, click Start maintenance mode.

To end maintenance mode

  1. Open the Runtime Monitor in the browser.

  2. On the Status tab, click End maintenance mode.

Maintenance mode can also be activated by creating the file App_Data\Maintenance.mode in the installation directory of the web application, and deactivated by deleting this file.

Related topics

Using the performance indicators for monitoring

When you install a web application, performance counters are registered, which provide information about the state of the application.

Performance indicators can be installed later.

NOTE: Prerequisites for this are that the web application is installed on a Windows Server and has sufficient permissions to offer performance indicators. It may be necessary to add the application pool user account to the local group Performance monitoring user for this. Apart from this, the web application must be running in order to select the performance indicators.

To post-install performance indicators

  1. Open the Web Designer Configuration Editor.

  2. Click Web settings and Create Windows performance counters.

    After this is successfully completed, an installation prompt is displayed.

  3. Confirm the prompt with OK.

To view performance counters

  1. Log in to the server on which the web application is installed.

  2. Start performance monitoring of Windows.

  3. In the dialog on the left-hand side, select Performance monitoring.

  4. In the performance monitoring view, click .

  5. In the Add Counters dialog, under Available Counters, select the One Identity Manager Web Portal and add to the entry.

    This displays performance indicators for the web application. The following indicators are available.

    Table 38: Performance indicators

    Performance indicator

    Description

    AJAX calls

    Number of HTTP queries processed asynchronously.

    Objects

    Number of active database objects.

    Exceptions

    Number of exception errors that have occurred.

    Forms

    Number of active forms.

    HTML requests

    Number of HTML page requests.

    PID

    Number of process IDs.

    Contexts

    Number of active module objects.

    Sessions

    Number of active sessions.

    Sessions total

    Total number of sessions since the application started.

  6. Enter any new performance indicators you wish and select the web application under Instances of selected object:.

    TIP: Only running web applications are displayed for selection. If you install a new web application, it may take a few minutes before the list of available web applications including the new one is available.

Installing and updating the Manager web application

Manager functionality can be provided by web applications. Before installation ensure that the minimal hardware and software prerequisites are fulfilled on the server.

Detailed information about this topic

Installing the Manager web application

One Identity Manager requires each web application to be defined in one language. If you wish to publish an application in two languages, you must install two separate applications. Web Installer installs one application per language by default.

You can define a language pool for these applications if several application are running at once. If a user calls up a web application from the language pool, they are automatically diverted to the web application that matches their language. It is, therefore, not important to declare all the web application URLs in the language pool.

This mechanism also allows you to achieve simple load balancing.

IMPORTANT: Start the Manager web application installation on the server.

To install the Manager web application

  1. Launch autorun.exe from the root directory of the One Identity Manager installation medium.

  2. On the start page of the installation wizard:

    1. Change to the Installation tab.

    2. In the Web-based components pane, click Install.

    Starts the Web Installer.

  3. On the start page of the Web Installer, select Install Manager web application and click Next.

  4. On the Database connection page, do the following:

    TIP: It is recommended to establish a connection through the application server.

    • To use an existing connection to the One Identity Manager database, select it in the Select a database connection menu.

      - OR -

    • To create a new connection to the One Identity Manager database, click Add new connection and enter a new connection .

  5. Select the authentication method and, under Authentication method, enter the login data for the database.

  6. Configure the following settings on the Select setup target page.

    Table 39: Settings for the installation target
    Setting Description

    Application name

    Name used as application name, as in the title bar of the browser, for example.

    Target in IIS

    Internet Information Services web page on which to install the application.

    Enforce SSL

    Specifies whether secure or insecure websites are available to install. If the option is set, only sites secured by SSL can be used for installing. This setting is the default value. If this option is not set, insecure websites can be used for installing.

    URL

    The application's Uniform Resource Locator (URL).

    Install dedicated application pool

    Specifies whether an application pool is installed for each application. This allows applications to be set up independently of one another. If this option is set, each application is installed in its own application pool.

    Application pool

    The application pool to use. This can only be entered if the Install dedicated application pool option is not set.

    If you use the DefaultAppPool default value, the application pool has the following syntax:

    <application name>_POOL

    Identity

    Permissions for running an application pool. You can use a default identity or a custom user account.

    If you use the ApplicationPoolIdentity default value, the user account has the following syntax:

    IIS APPPOOL\<application name>_POOL

    You can authorize another user by clicking ... next to the box, enabling the Custom account option and entering the user and password.

    Web authentication

    Type of authentication against the web application. You have the following options:

    • Windows authentication (single sign-on)

      The user is authenticated against the Internet Information Services using their Windows user account and the web application logs in the employee assigned to the user account as role-based. If single sign-on is not possible, the user is diverted to a login page. You can only select this authentication method if Windows authentication is installed.

    • Anonymous

      Login is possible without Windows authentication. The user is authenticated against the Internet Information Services and the web application anonymously, and the web application is directed to a login page.

    Database authentication

    NOTE: You can only see this section if you have selected a SQL database connection on the Database connection page.

    Type of authentication against the One Identity Manager database. You have the following options:

    • Windows authentication

      The web application is authenticated against the One Identity Manager database with the same Windows user account that your application pool uses. Login is possible with a user-defined user account or a default identity for the application pool.

    • SQL authentication

      Authentication is completed with a SQL Server login and password. The SQL Server login from the database connection is used. Use the [...] button to enter a different SQL login, for example, if the application is run with a access level for end users. This access data is saved in the web application configuration as computer specific encrypted.

  7. Specify other application specific settings on the Configuration page.

    1. Select the language of the application from the Language menu. The language influences how dates and numbers displayed amongst other things.

    2. The web application requires access permissions to itself. If you selected the Windows authentication (single sign-on) authentication type as web authentication, enter the domain, user account, and password for the user. For anonymous web authentication, no further entries are required.

  8. Specify the user account for automatic updating on the Set update credentials page. The user account is used to add or replace files in the application directory.

    • Use IIS credentials for update: Set this option to use the user account under which the application pool is run for the updates.

    • Use other credentials for updates: To use a different user account, set this option. Specify the domain, the user name, and the user password.

  9. Installation progress is displayed on the Setup is running page. Once installation is complete, click Next.

  10. Click Finish on the last page to end the program.

NOTE: The Web Installer generates both the web application and the configuration file (web.config). The Web Installer uses default values for the configuration settings. You can keep these values. It is recommended you check the settings with the help of the Manager Web Configuration Editor. You will find the configuration file (web.config) in the web application directory in the Internet Information Services.

Related topics
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating