Chat now with support
Chat with Support

Identity Manager 9.1.1 - Installation Guide

About this guide One Identity Manager overview Installation prerequisites Installing One Identity Manager Installing and configuring the One Identity Manager Service Automatic updating of One Identity Manager Updating One Identity Manager Installing additional modules for a existing One Identity Manager installation Installing and updating an application server Installing the API Server Installing, configuring, and maintaining the Web Designer Web Portal Installing and updating the Manager web application Logging in to One Identity Manager tools Troubleshooting Advanced configuration of the Manager web application Machine roles and installation packages Configuration parameters for the email notification system How to configure the One Identity Manager database using SQL Server AlwaysOn availability groups

Installing One Identity Manager components

An installation wizard is available to help you through the installation of One Identity Manager components on workstations and servers.

NOTE: Always start installing administration and configuration tools on an administrative workstation if possible.

NOTE: On Linux operating systems, use of oneidentity/oneim-installer docker images is recommended.

To install the One Identity Manager components

  1. Launch autorun.exe from the root directory of the One Identity Manager installation medium.

  2. Switch to the Installation tab and select an edition.

  3. Click Install.

    This starts the installation wizard.

  4. Select the language for the installation wizard on the start page and click Next.

  5. Confirm the conditions of the license.

  6. On the Installation settings page, enter the following information.

    • Installation source: Select the directory containing the installation files.

    • Installation directory: Select the directory in which you want to install the files for One Identity Manager.

      NOTE: To make further configuration settings, click on the arrow button next to the input field. Here, you can specify whether you are installing on a 64-bit or a 32-bit operating system.

      For a standard installation, no further configuration settings are necessary.

    • Select installation modules using the database: Set this option to load the installation data using the existing One Identity Manager database.

      NOTE: Leave this option empty to install the workstation on which you start the One Identity Manager schema installation.

    • Add further modules to the selected edition: Set this option to add additional One Identity Manager modules to the selected edition.

  7. Enter the database connection data on Connect to database.

    NOTE: This page is only shown if you have set the Select installation modules with existing database option.

    • Select the connection in Select a database connection.

      - OR -

    • Click Add new connection, select the SQL Server system type, and enter the connection data.

      • Server: Database server.

      • (Optional) Windows Authentication: Specifies whether the integrated Windows authentication is used. This type of authentication is not recommended. If you decide to use it anyway, ensure that your environment supports Windows authentication.

      • User: The user's SQL Server login name.

      • Password: Password for the user's SQL Server login.

      • Database: Select the database.

  8. On the Module selection page, also select the modules to be installed.

    NOTE: This page is only shown if you set the option Add more modules to the selected Edition.

  9. On the Assign machine roles page, define the machine roles.

    NOTE: When you select the machine role, all machine subroles are selected as well. You can deselect individual packages.

    You can select the following machine roles.

    • Workstation: Contains all basic components for installing tools on an administrative workstation.

    • Workstation |Administration: Contains administration tools required by default users for fulfilling their tasks with One Identity Manager. In addition to the tools that ensure basic functionality for working with One Identity Manager, the administration machine role includes the Manager as a main administration tool.

    • Workstation | Configuration: Contains all tools for the default user and additional programs required to configure the system. These include, for example, the Configuration Wizard, Database Compiler, Database Transporter, Designer, and configuration tools for the One Identity Manager Service.

    • Workstation | Command line administration tools: Contains various command line programs.

    • Workstation | Development and Testing: Contains the tools to develop and test custom scripts, such as the System Debugger.

    • Workstation | Monitoring: Contains programs for monitoring the system status, such as the Job Queue Info.

    • Server: Contains all the basic components for setting up a server.

    • Server | Job Server: Contains the One Identity Manager Service and basic processing components. Additional machine roles contain connectors for synchronizing individual target systems.

    • Server | Job Server | Configuration tool: Contain configuration tool for the One Identity Manager Service.

    • Database Agent: Contains the DatabaseAgentServiceCmd.exe program for running the Database Agent Service from the command line.

    • Documentation: Contains One Identity Manager documentation in different languages.

  10. On the Install WebView2 page you are prompted to install Microsoft Edge WebView2. The user interface of some One Identity Manager components requires Microsoft Edge WebView2 to display certain content.

    NOTE: This page is only shown if you want to install One Identity Manager components that are expecting WebView2 and WebView2 is not yet installed.

  11. On the Change service properties page, you can change the name, display name and the description for installing the One Identity Manager Service.

    NOTE: This page is only shown if you have selected the Server | Job Server machine role.

  12. You can start different programs for further installation on the last page of the install wizard.

    • To install the One Identity Manager schema, start the Configuration Wizard and follow the Configuration Wizard instructions.

      NOTE: Perform this step only on the workstation on which you start the installation of the One Identity Manager schema.

    • To create the configuration of the One Identity Manager Service, start the Job Service Configuration program.

      NOTE: Run this step only on servers on which you have installed the One Identity Manager Service.

  1. Click Finish to close the installation wizard.

  2. Close the autorun program.

One Identity Manager is installed for all user accounts on the workstation or server. In the default installation, One Identity Manager is installed under:

  • %ProgramFiles(x86)%\One Identity (on 32-bit operating systems)

  • %ProgramFiles%\One Identity (on 64-bit operating systems)

Related topics

Installing One Identity Manager components on a Windows terminal server

To install One Identity Manager tools on a Windows terminal server, you need to ensure that the Windows terminal server has been fully installed and configured. This includes profile handling in particular as well as permissions for Windows terminal server use.

NOTE: Ensure that in an Active Directory Domain, the users themselves also have the relevant permissions to use the Windows terminal server.

To install One Identity Manager components on a Windows terminal server:

  1. Log in with a user account that has administrator permissions on the Windows terminal server.

    Logging in using a console connection is recommended. You can use the following calling syntax:

    Start: mstsc /Console /v:<servername>
    with: 
    <server name>: Terminal server name (no leading "\")

  2. Open the command line console (CMD.exe) and switch the Windows terminal server into software installation mode. You can do this with the following command line call:

    CHANGE USER /INSTALL

  3. Start the installation wizard and install the One Identity Manager components as described.

  4. End the software installation mode on the Windows terminal server. You can do this with the following command line call:

    CHANGE USER /EXECUTE

After the installation is complete, anyone who is an authorized Windows terminal server user can start the One Identity Manager tools and use them.

For more information about software installation on Windows terminal servers, refer to the Windows operating system documentation you are using.

Related topics

Installing and configuring a One Identity Manager database

To set up the One Identity Manager database, use the Configuration Wizard. The Configuration Wizard runs the following steps.

  1. Installs the One Identity Manager schema in a database.

    The Configuration Wizard can create a new database and install the One Identity Manager schema. Alternatively, the One Identity Manager schema can be installed in an existing database.

  2. Creates the required SQL Server logins and database users permissions for the administrative user, configuration user, and end user.

  3. Creates administrative system users and permissions groups.

  4. Encrypts the database.

  5. Installs and configures a One Identity Manager Service with direct access to the database for handling SQL processes and automatic server software updates.

  6. Installs and configures the Database Agent Service.

    The Database Agent Service controls processing of DBQueue Processor tasks. The Database Agent Service is deployed through the One Identity Manager Service plugin. Alternatively, the Database Agent Service can be run from the DatabaseAgentServiceCmd.exe command line program.

NOTE: Additional steps are run in One Identity Manager depending on the Edition and Configuration Wizard modules.

Additional steps are required to configure the One Identity Manager database following the schema installation:

  • Configure the database for a test, a development, or a live system.

  • Other system settings may be required for putting individual functions into operation in One Identity Manager.

    Use configuration parameters to configure the behavior of the system's basic settings. One Identity Manager provides default settings for different configuration parameters. Check the configuration parameters and modify them as necessary to suit your requirements.

    Configuration parameters are defined in the One Identity Manager modules. Each One Identity Manager module can also install configuration parameters. In the Designer, you can find an overview of all configuration parameters in the Base data > General > Configuration parameters category.

  • In certain circumstances, it is necessary to store encrypted information in the One Identity Manager database. If you did not encrypt the database when you installed with the Configuration Wizard, use the Crypto Configuration program to encrypt.

  • You can log changes to data and information from process handling in One Identity Manager. All entries logged in One Identity Manager are initially saved in the One Identity Manager database. The proportion of historical data to total volume of a One Identity Manager database should not exceed 25 percent. Otherwise, performance problems may arise. You must ensure that log entries are regularly removed from the One Identity Manager database and archived.

    For more information about process monitoring and process history, see the One Identity Manager Configuration Guide. For more information about archiving data, see the One Identity Manager Data Archiving Administration Guide.

Detailed information about this topic
Related topics

Tips for setting up a One Identity Manager database

  • The following prerequisites must be fulfilled on the workstation from which you want to start the One Identity Manager database setup:

    • Installation of the Configuration Wizard

      Use the installation wizard to install the program. To do this, select the Workstation machine role and the Configuration installation package in the installation wizard.

    • Access to the installation sources

      NOTE: If you copy the installation files to a repository, you must ensure that the relative directory tree remains intact.

    • To ensure that HTML applications are successfully compiled, you must download packages from the NPM repository. Ensure that the workstation you are compiling on, can establish a connection to the registry.npmjs.org:443 website.

      Alternatively, you can download packages from a proxy server and install them manually.

  • An installation user with permissions for installing a One Identity Manager database must exist. If you want to use an administrative user to install a One Identity Manager database, ensure that this user has the required permissions.

    For more information, see Users with granular permission for the One Identity Manager database on an SQL Server and Permissions for the One Identity Manager database in a managed instance in an Azure SQL Database.

  • It is not recommended to select a user with Windows authentication for installing the database. If you decide to use it anyway, ensure that your environment supports Windows authentication. You must use the same user to update the database.

  • If you want to install the One Identity Manager schema in an existing database, ensure that the database has the required settings. For more information, see Settings for the database server and the One Identity Manager database on a SQL Server and Database server settings and the One Identity Manager database in a managed instance in an Azure SQL Database.

  • For One Identity Manager databases on SQL Servers, it is recommended, on performance grounds that you set the database to the Simple recovery model for the duration of the schema installation.

  • Always start Configuration Wizard on an administrative workstation.

  • The program performs a remote installation of One Identity Manager Service.

  • If you start the Configuration Wizard on a server on which you also want to configure a One Identity Manager Service, simply skip the section for installing the service on the local server in the Configuration Wizard. Install the One Identity Manager Service with the installation wizard in this case. For more information, see Installing and configuring the One Identity Manager Service.

  • If you are working with an encrypted One Identity Manager database, see Tips for working with an encrypted One Identity Manager database.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating