Chat now with support
Chat with Support

Identity Manager 9.3 - Installation Guide

About this guide One Identity Manager overview Installation prerequisites Installing One Identity Manager Installing and configuring the One Identity Manager Service Automatic updating of One Identity Manager Updating One Identity Manager Installing additional modules for a existing One Identity Manager installation Installing and updating an application server Installing and updating an API Server Installing and updating the Manager web application Logging in to One Identity Manager tools Troubleshooting Advanced configuration of the Manager web application Machine roles and installation packages Configuration parameters for the email notification system How to configure the One Identity Manager database using SQL Server AlwaysOn availability groups

Changing the user account or start type of the One Identity Manager Service

NOTE:

  • In a default installation, the service is entered in the server’s service management with the name One Identity Manager Service.

  • If you change the One Identity Manager Service's user account, you must save the service's configuration file in the service’s install directory again.

  • If you are working with an encrypted One Identity Manager database, see Tips for working with an encrypted One Identity Manager database.

To customize login data and the way the service is started

  1. Open the service management of the server and select the One Identity Manager Service in the list of services.

  2. Open service properties with the Properties context menu item.

  3. On the General tab, change the start type if necessary.

    The Automatic start type is recommended.

  4. Change the user account under which the service runs on the Login tab.

  5. Click Apply.

  6. Close the service's properties with OK.

  7. Start the service from the context menu item Start.

    If the One Identity Manager Service cannot be started, a corresponding message is written to the server event log.

Related topics

The One Identity Manager Service in a cluster

The idea of a cluster solution is to make the system highly available. The goal is to limit system failure to only a few seconds if a hardware or software component fails. This can be achieved with the installation of a Windows cluster solution (only possible with Enterprise servers). The following diagram shows such a solution.

Figure 4: Example of a cluster solution

This cluster is made up of two physical computers Server A and Server B that use the same disk array and have their own individual system hard drive. Every server has a Windows operating system. Both servers are installed identically so that in the case of failure one server can take over from the other.

All redundant system components are managed by the cluster manager. From an external point of view, the cluster is addressed as a single, virtual server Server C. The service or user that is accessing the service is automatically connected to the physical server that is currently carrying out the work in the cluster.

If one of the servers fails, then the redundant server in the cluster automatically takes over. The virtual server remains the contact partner; only the physical server that is running, changes.

Detailed information about this topic

Registering the One Identity Manager Service in a cluster

Once registered, the One Identity Manager Service is governed by cluster handling for site resilience and load balancing. The service is installed on a virtual server that simulates the cluster. All computer-related operations and service data operate, transparently, with the virtual server and not the real computer (cluster nodes). This also applies to clients that contact the service through the server name, for example RPC (ORPC, DCOM), TCP/IP (Winsock, Named Pipes), or HTTP.

Because the service is in the context of the virtual server, note the following facts:

  • The service-specific settings for the node on which the virtual server is located are replicated to all other nodes. Therefore, the service always has the same configuration irrelevant of the node on which it is actually started.

  • The service is always started only on the current node of the virtual server (the virtual server's current node). The service is stopped on all other nodes.

  • The service is booted and shutdown with the virtual server. If the cluster is not enabled, the service is stopped on all nodes.

  • Services on nodes are brought automatically into the required state (Manual or Stopped) before they are registered by the program.

Related topics

Installing and configuring the One Identity Manager Service in a cluster

The installation of server components from the One Identity Manager installation medium needs to be done on all the physical nodes of the cluster.

NOTE: In the configuration of the JobServiceDestination, the Queue parameter must contain the name of the virtual server.

After saving the configuration, the configuration file in the One Identity Manager Service installation directory needs to be copied to all the physical nodes. You must not change the name of the configuration file.

NOTE: One Identity Manager Service configuration is not part of a cluster resource. Thus, each node keeps its own configuration. For this reason, you must ensure that the configuration files on the physical nodes are consistent. If this is not the case, correct functionality cannot be guaranteed after changing cluster nodes.

Setting up a cluster resource for the One Identity Manager Service

In the Cluster Administrator program, set up a new cluster resource for the One Identity Manager Service and make this available online. For information about this procedure, refer to Microsoft Technet under http://technet.microsoft.com/en-us/library/cc787285(WS.10).aspx. Note the following when creating the cluster resource:

  • Select the Generic Service resource type.

  • Select the following One Identity Manager Service dependencies.

    • Cluster IP address

    • Cluster name

    • Quorum; for example, disc: D

  • Do not enter additional registration keys.

NOTE: After setting up the One Identity Manager Service in a cluster system it is advisable to simulate a failover so that possible problems with the cluster do not arise during live operations.

Storing the One Identity Manager Service log file on a shared volume

  • In the Cluster Administrator program, set up a new cluster resource for the and make this available online. Note the following when creating the cluster resource:

    • Select the File Share resource type.

    • Select at least the following dependency:

      One Identity One Identity Manager Service

  • In the configuration file of the One Identity Manager Service, adapt the directory information in the Log file (OutPutFile) parameter of the log writer.

  • Copy the configuration file to all the physical cluster nodes in the One Identity Manager Service install directory after you have changed it.

Related topics
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating