To install One Identity Manager 9.0 for the first time, follow the installation instructions in the One Identity Manager Installation Guide. For detailed instructions about updating, see the One Identity Manager Installation Guide.
IMPORTANT: Note the Advice for updating One Identity Manager.
One Identity Manager 9.0 is a further development of version 8.2.1. All official releases of versions 8.2.1, 8.1.5, or earlier can be upgraded to version 9.0. Updating a newer version can lead to a downgrade.
Test changes in a test system before you load a migration package into a production system. Use a copy of the production database for testing.
Ensure that the administrative system user, who is going to compile the database, has a password before you update the database to version 9.0. Otherwise the schema update cannot be completed successfully.
For One Identity Manager databases on SQL Servers, it is recommended, on performance grounds, that you set the database to the Simple recovery model for the duration of the schema update.
During the update of a One Identity Manager database version 8.0.x to version 9.0, different columns that were already semantically defined as mandatory fields become physical mandatory fields.
During the schema update with the Configuration Wizard, errors may occur due to inconsistent data. The update quits with an error message.
<table>.<column> must not be null
Cannot insert the value NULL into column '<column>', table '<table>'; column does not allow nulls.
UPDATE fails
Check and correct data consistency before updating a One Identity Manager database. In the add-on for the Configuration Module on the installation medium, a test script (\SDK\SQLSamples\MSSQL2K\30374.sql) is provided. In case it fails, correct the data and restart the update.
One Identity Manager uses In-Memory OLTP ((Online Transactional Processing) for memory optimized data access. The database server must support extreme transaction processing (XTP). If XTP is not enabled, the installation or update will not start. Check whether the SQL Server property Supports Extreme Transaction Processing (IsXTPSupported) is set to True.
The following prerequisites must be fulfilled to create memory-optimized tables:
A database file with the file type Filestream data must exist.
A memory-optimized data filegroup must exist.
The Configuration Wizard checks whether these prerequisites are fulfilled before the One Identity Manager database can be installed or updated. The Configuration Wizard offers repair methods for creating the database file and database group.
During the update, calculation tasks are queued in the database. These are processed by the DBQueue Processor. Processing calculation tasks may take some time depending on the amount of data and system performance.
This is particularly the case if you save large amounts of historical data in the One Identity Manager database, such as change data or data from process handling.
Therefore, ensure that you have configured an appropriate procedure for archiving the data before you update the database. For more information about archiving data, see the One Identity Manager Data Archiving Administration Guide.
For the period of the update, the database is set to single user mode. Close all existing connections to the database before starting the schema update.
You may experience problems activating single-user mode when using database mirroring.
During installation of a new One Identity Manager database with version 9.0 or while updating a One Identity Manager database from version 8.0.x to version 9.0, you can specify whether you want to work with granular permissions at server and database level. The Configuration Wizard then creates SQL Server logins and database users with the necessary permissions for administrative user, configuration users and end users. For more detailed information about permissions, see the One Identity Manager Installation Guide.
After updating One Identity Manager, change the connection parameters. This affects, for example, the connection data for the database (DialogDatabase), the One Identity Manager Service, the application server, the administration and configuration tools, the web applications and web services as well as the connection data in synchronization projects.
NOTE: If you want to switch to the granular permissions concept when you upgrade from version 8.0.x to version 9.0, use an installation user with permissions for this permissions concept. For more detailed information about permissions, see the One Identity Manager Installation Guide.
If you want to switch to granular permissions when you update from 8.1.x, contact support. To access the Support Portal, go to https://support.oneidentity.com/identity-manager/.
To successfully compile HTML applications with the Configuration Wizard, you must download packages from the NPM repository. Ensure that the workstation running the Configuration Wizard can establish a connection to the website https://registry.npmjs.org.
Alternatively, it is possible to download the packages from a proxy server and make them available manually. For more information, see the knowledge article https://support.oneidentity.com/kb/266000.
After the update has completed, the database switches automatically to multi-user mode. If this is not possible, you receive a message in which you can manually switch to multi-user mode.
Once this version has been installed, users that need to access the REST API in the application server require the Enables access to the REST API on the application server (AppServer_API) function. Assign this program function to the users. For more information, see the One Identity Manager Authorization and Authentication Guide.
IMPORTANT: Note the Advice for updating One Identity Manager.
To update an existing One Identity Manager installation to version 9.0
Start the Consistency Editor in the Designer by selecting the Database > Check data consistency menu item.
In the Test options dialog, click 
Under the Database node, enable all the tests and click OK.
Select the Consistency check > Run menu item to start testing.
All the database tests must be successful. Correct any errors. Some consistency checks offer repair options for correcting errors.
Update the administrative workstation, on which the One Identity Manager database schema update is started.
Run the autorun.exe program from the root directory on the One Identity Manager installation medium.
Change to the Installation tab. Select the Edition you have installed.
NOTE:
To update a One Identity Manager Active Directory Edition, switch to the Other Products tab and select the One Identity Manager Active Directory Edition entry.
Click Install.
This starts the installation wizard.
Follow the installation instructions.
IMPORTANT: On the Installation Settings page, select the directory for your current installation as the installation directory. Otherwise the components are not updated and a new installation is created in the second directory instead.
Stop the One Identity Manager Service on the update server.
Make a backup of the One Identity Manager database.
Check whether the database's compatibility level is set to 150 and change the value if required.
Run the One Identity Manager database schema update.
Start the on the administrative workstation and follow the instructions.
Select a user who has at least administrative permissions for the One Identity Manager database to update the One Identity Manager schema with the Configuration Wizard.
Use the same user as you used for initially installing the schema.
If you created an administrative user during schema installation, use that one.
If you selected a user with Windows authentication to install the schema, you must use the same one for updating.
NOTE: If you want to switch to the granular permissions concept when you upgrade from version 8.0.x to version 9.0, use an installation user with permissions for this permissions concept. For more detailed information about permissions, see the One Identity Manager Installation Guide.
If you want to switch to granular permissions when you update from 8.1.x, contact support. To access the Support Portal, go to https://support.oneidentity.com/identity-manager/.
Update the One Identity Manager Service on the update server.
Run the autorun.exe program from the root directory on the One Identity Manager installation medium.
Change to the Installation tab. Select the Edition you have installed.
To update a One Identity Manager Active Directory Edition, switch to the Other Products tab and select the One Identity Manager Active Directory Edition entry.
Click Install.
This starts the installation wizard.
Follow the installation instructions.
IMPORTANT: On the Installation Settings page, select the directory for your current installation as the installation directory. Otherwise the components are not updated and a new installation is created in the second directory instead.
Check the login information of the One Identity Manager Service. Specify the service account to use.
Start the One Identity Manager Service on the update server.
Update other installations on workstations and servers.
You can use the automatic software update method for updating existing installations.
To update synchronization projects to version 9.0
If you have set up synchronization projects for connecting cloud applications in the Universal Cloud Interface, update the target system schema in these synchronization projects using the Synchronization Editor.
Any required changes to system connectors or the synchronization engine are made available when you update One Identity Manager. These changes must be applied to existing synchronization projects to prevent target system synchronizations that are already set up, from failing. Patches are made available for this.
NOTE: Some patches are applied automatically. A process that migrates all existing synchronization project is queued in the Job queue to do this. To run the process, the One Identity Manager Service must be started on all synchronization servers.
Check whether the process DPR_Migrate_Shell has been started successfully.
If the patch cannot be applied because the target system could not be reached, for example, you can manually apply it.
For more information, see Applying patches to synchronization projects.
To update an application server to version 9.0
After updating the One Identity Manager database's schema, the application server starts the automatic update.
To start the update manually, open the application's status page in the browser and select Update immediately from the current user's menu.
To update the Web Designer Web Portal to version 9.0
NOTE: Ensure that the application server is updated before you update the Web Designer Web Portal.
To update the Web Designer Web Portal automatically, connect to the runtime monitor http://<server>/<application>/monitor in a browser and start the web application update.
To manually update the Web Designer Web Portal, uninstall the existing Web Designer Web Portal installation and reinstall the Web Designer Web Portal. For more instructions, see the One Identity Manager Installation Guide.
To update an API Server to version 9.0
After updating the One Identity Manager database schema, restart the API Server. The API Server is updated automatically.
To update the Operations Support Web Portal to version 9.0
(As from version 8.1.x) After updating the API Server, the Operations Support Web Portal is also current.
(As from version 8.0.x)
Uninstall the Operations Support Web Portal.
Install an API Server. For more instructions, see the One Identity Manager Installation Guide.
To update the Manager web application to version 9.0
Uninstall the Manager web application
Reinstall the Manager web application.
The default Internet Information Services user requires edit permissions for the Manager's installation directory to automatically update the Manager web application Check whether the required permissions exist.
|
|
CAUTION: Patches do not alter custom changes in synchronization projects. This means that conflicts may occur if patches are applied to synchronization projects that have been customized. It may cause loss of data. Before you apply a patch
|
NOTE: If you update existing synchronization projects, the connection parameters from the default variable set are always used. Ensure that the variables in the default variable set contain valid values.
To apply patches
In the Synchronization Editor, open the synchronization project.
Select the Edit > Update synchronization project menu item.
In Available patches, select the milestone you want to implement.
In Details - Installation summary, all dependent patches are displayed in order of installation.
Click Apply selected patches.
Enter any user input as prompted.
(Optional) In Available patches, select the patches for new functions that you want to apply. Multi-select is possible.
In Details - Installation summary, all patches are displayed in order of installation.
Click Apply selected patches.
Enter any user input as prompted.
Use the patch log to check whether customization need to be reworked.
If required, rework customizations in the synchronization configuration.
Run a consistency check.
Simulate the synchronization.
(Optional) Activate the synchronization project.
NOTE: A patch does not take effect until the changes associated with it are saved in the database. If consistency check or simulation errors occur that cannot be corrected, you can dismiss the patch changes by reloading the synchronization project without saving the changes.
For detailed information about updating synchronization projects, see the One Identity Manager Target System Synchronization Reference Guide.
© 2024 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy Cookie Preference Center
