Chat now with support
Chat with Support

The Quest and One Identity Support Portals will be unavailable on Friday July 10, 2020 from 5:30 PM to 6:30 PM for website maintenance.

Password Manager 5.8.2 - Administrator Guide (AD LDS edition)

About Password Manager Getting Started Upgrading Password Manager to 5.8.1 Password Manager Architecture Management Policies
Checklist: Configuring Password Manager Understanding Management Policies Configuring Access to the Administration Site Configuring Access to the Self-Service Site Configuring Access to the Helpdesk Site Configuring Questions and Answers Policy Workflow Overview Custom Workflows Custom Activities Self-Service Workflows Helpdesk Workflows User Enforcement Rules
General Settings Password Policies One Identity Hybrid Subscription One Identity Starling Reporting Appendix A: Accounts Used in Password Manager for AD LDS Appendix B: Open Communication Ports for Password Manager for AD LDS Appendix C: Customization Options Overview Glossary

Reporting Services Default Configuration

The SQL Server Reporting Services component and the Management Tools component must be installed in order to use the Password Manager Reporting functionality. Make sure you select the required features when running the Microsoft SQL Server Setup.

Use the Reporting Services Configuration tool to configure SQL Server Reporting Services. If you installed a report server using the Install but do not configure the server option, you must use this tool to configure the server prior to using it. If you installed a report server using the Install the default configuration option, you can use this tool to verify or modify the settings that were specified during setup.

It is recommended to select the Install the default configuration option during SQL Server and Reporting Services setup on the Report Server Installation Options page of the Setup Wizard. In most cases this will save you much time and effort as long as Reporting Services default configuration is concerned.

Reporting Services Configuration tool can be used to configure a local or a remote report server instance. You must have local system administrator permissions on the computer that hosts the report server you want to configure.

 NOTE: Please note that remote data sources are not supported by SQL Server Reporting Services included in Microsoft SQL Server Express Edition.

To configure the Reporting Services default configuration

  1. Start the Reporting Services Configuration tool.
  2. Enter the SQL Server machine name and the Report Server Instance name and then click Connect.

IMPORTANT: Sequentially configure the Report Server options listed in the left pane of the Reporting Services Configuration tool. There must not be any Not configured options after the configuration is finished.

 

  1. Open the Report Server Virtual Directory Settings section.
  2. Click New to create a new virtual directory. This opens a dialog box with the default settings entered. To accept the default settings click OK.
  3. Click Apply.
  4. Check the Apply default settings checkbox and click Apply.
  5. Open the Report Manager Virtual Directory Settings section.
  6. Click New to create a new virtual directory. This opens a dialog box with the default settings entered. To accept the default settings click OK.
  7. Click Apply.
  8. Open the Web Service Identity section.
  9. Click Apply to accept the default application pool names for the Report Server and the Report Manager

- OR -

Click New to specify your own application pool names.

  1. Click Apply.

The Reporting Services feature requires an SQL Server database (different from the Password Manager database) to store report server service data.

You can create the report server database in the following ways:

  • Automatically through Setup, if you choose the default configuration installation option in the SQL Server Installation Wizard, by selecting the Install the default configuration option in the Report Server Installation Options page.
  • Manually through Reporting Services Configuration tool.

To create a report server database

  1. Start the Reporting Services Configuration tool and connect to the report server instance you want to configure (the default instance name is MSSQLSERVER for SQL Server and SQLEXPRESS for SQL Server Express Edition).
  2. In the Database Setup page, click Connect. This opens a SQL Server Connection dialog box.
  3. Type the name of the SQL Server database engine you want to use.
  4. Select the type of credentials used to connect to the SQL Server. You can specify a SQL Server login or use your credentials. The credentials you specify must have permission to log on to the server. Click OK.
  5. In the Database Setup page, click New. This reopens the SQL Server Connection dialog box.
  6. Type the name of the SQL Server database engine and select credentials. The credentials you specify must have permission to create a database.
  7. Type the name of the report server database. A temporary database is created along with the primary database.
  8. Choose the language to use, and then click OK.
  9. In the Database Setup page, specify the credentials used by the report server to connect to the report server database.
    • Select the Service credentials option to use the Windows service account and Web service account to connect through integrated security.
    • Select the Windows credentials option to specify a domain user account. A domain user account must be specified as <domain>\<user>.
    • Select the SQL Server credentials option to specify a SQL Server login.
  10. Click Apply.

A report server database can be created on a local or on a remote SQL Server database engine instance.

When you finish the Report Server configuration please restart the Report Server instance for the changes to take effect. You can restart the Report Server by sequential clicking the Stop button and then the Start button at the Server Status tab of the Reporting Services Configuration tool. If the configuration is performed correctly, the Initialization will be successfully passed for the Report Server instance.

Follow this checklist to verify Password Manager reporting functionality configuration and settings.

Table 29: Reporting functionality configuration and settings

Step

Reference

Ensure that MS SQL Server with the Reporting Services component is installed and configured.

Refer to MS SQL Server documentation.

Install Password Manager and its components.

Refer to Installing Password Manager.

Ensure that the DefaultAppPool, PMAdminADLDS, PMUserADLDS, PMHelpdeskADLDS, and ReportServer application pools are running in the IIS Manager on the Password Manager and the Report Services servers. If any of these pools are not running – start them manually.

 

Ensure that the Default Web Site is running in the IIS Manager on the Password Manager and the Report Services servers. If the web site is not running – start it manually.

 

Connect to the Reporting Services server through Password Manager Administration site.

 

The interactive Web-based reports are built using the data that the report server retrieves from the Password Manager SQL database.

For more information on Reporting Services setup and configuration, refer to SQL Server documentation.

Reporting Services Firewall Issues

If Password Manager fails to operate properly when Reporting Services are separated from Password Manager by a firewall, specific ports should be open in the firewall.

To get the complete list of Password Manager server port numbers, that have to be open for the application to function properly, see Appendix B: Open Communication Ports for Password Manager for AD LDS.

 

Appendix A: Accounts Used in Password Manager for AD LDS

Appendix A: Accounts Used in Password Manager for AD LDS

The following accounts can be used in Password Manager:

  • Password Manager Service account
  • Application pool identity
  • Access account for AD LDS
  • Password policy account
  • Account for One Identity Quick Connect

Password Manager Service Account

Password Manager Service account is used to install Password Manager. For Password Manager to run successfully, Password Manager Service account must be a member of the Administrators group on the Web server where Password Manager is installed.

Related Documents