Chat now with support
Chat with Support

Password Manager 5.9.5 - Administration Guide (AD LDS edition)

About Password Manager Getting Started Upgrading Password Manager Password Manager Architecture
Password Manager Components and Third-Party Solutions Typical Deployment Scenarios Password Manager in Perimeter Network Management Policy Overview Password Policy Overview reCAPTCHA Overview User Enrollment Process Overview Questions and Answers Policy Overview Data Replication Phone-Based Authentication Service Overview Configuring Management Policy
Management Policies
Checklist: Configuring Password Manager Understanding Management Policies Configuring Access to the Administration Site Configuring Access to the Self-Service Site Configuring Access to the Helpdesk Site Configuring Questions and Answers Policy Workflow Overview Custom Workflows Custom Activities Self-Service Workflows Helpdesk Workflows User Enforcement Rules
General Settings Password Policies One Identity Hybrid Subscription One Identity Starling Reporting Appendix A: Accounts Used in Password Manager for AD LDS Appendix B: Open Communication Ports for Password Manager for AD LDS Appendix C: Customization Options Overview Glossary

In-place upgrade from 5.8.2 to 5.9.5

Upgrading Password Manager

This section briefs about the process to upgrade Password Manager to the latest version (5.9.5).

NOTE:

  • It is recommended to back up the current configuration by exporting the settings from 5.7.1 or later versions. For more information, see To export configuration settings from Password Manager for AD LDS 5.7.1 or later versions.
  • Running the Migration Wizard is not required while upgrading from Password Manager 5.7.1 or later versions to 5.9.5.
  • If you want to upgrade to 5.9.x, it is recommended to reinstall the license file from the Administration site once the upgrade is complete. Before installing the license, delete the existing SoftLicense binary value from [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Quest Software] registry key.

  • Any workflows that are customized in the previous versions of Password Manager should be manually merged with the workflow of the latest version of the Password Manager to avoid any end user data corruption.

    For example, changes made to the Register workflow (Self-Service workflows) such as addition/update of any authentication steps to the default configuration, should be manually recreated after upgrade to PM 5.9.5.

  • Replication must be enabled for the successful installation of Password Manager 5.9.5.

  • To update storage files with new encryption mechanism, all realm instances must be updated with the Password Manager 5.9.5 configuration and must have the same encryption key.

    To perform the same, login to PMAdmin site from the primary server, Navigate to General Settings > Import/Export > Export. Copy and Save the password securely. Import this configuration data in all the PM secondary replication instances by selecting the exported configuration data and providing the password.

  • If the secondary instances are not updated with new configuration, a notification will be displayed in Administration site as 'Import configuration settings from primary instance”.

    In the replication instances, Navigate to General Settings > Import/Export > Import, select the exported data from the primary server and input the password saved.

  • Shared.storage file will be encrypted and copied to Active Directory only when all replication instances are updated with Password Manager 5.9.5 configuration and encryption key.

  • When all the realm instances are updated with Password Manager 5.9.5, Q&A profiles of users will be updated with new encryption key when one of the following is performed:

    • User updates Q&A profile

    • Run Migration wizard to update all the user profiles automatically

 

This section consists of the following topics:

 

To export configuration settings from Password Manager for AD LDS 5.7.1 or later versions

  1. Connect to the Administration site by typing the Administration site URL in the address bar of your Web browser. By default, the URL is http://<ComputerName>/PMAdminADLDS/.
  2. On the left pane, click GeneralSettings, and click the Import/Export tab and select the Export configuration settings option, and then click Export.

After you have exported configuration settings from Password Manager 5.7.1 or later versions, you can uninstall it.

To uninstall Password Manager for AD LDS 5.7.1 or later versions

  1. Click Start, click Run, type appwiz.cpl, and then press ENTER.
  2. Select One Identity Password Manager for AD LDS x86/x64 in the list, and then click Uninstall.

After you uninstall Password Manager 5.7.1 or later versions, install Password Manager 5.9.5 on the same computer. All configuration settings will be automatically detected by the new version.

Manual upgrade from 5.7.1 or later versions

Uninstall Password Manager 5.7.1 or later versions, and then install Password Manager 5.9.5 on the computer where Password Manager 5.7.1 or later versions was installed. For more information, see To uninstall Password Manager for AD LDS 5.7.1 or later versions section.

  1. From the autorun window of the installation CD, click Install against Password Manager x64 option. Read the content and click Next.
  2. Select I accept the terms in License Agreement check box, and then click Next.
  3. In the User Information page, enter the user details such as the username and the organization to which the user belongs to, and then click Next.
    1. To verify licenses information, click Licenses… and then check the statuses of the license.

NOTE: If the license has expired, click Browse license… and select the appropriate license to continue the Password Manager service.

  1. In the Custom Setup page, click the respective option that needs to be installed, and then click Next.
  2. In the Password Manager Service Account Information page, the account name appears by default. Enter the password, and then click Next.

NOTE: To change the account name, click Browse… and select the appropriate Password Manager service account name.

  1. In the Specify Web Site and Application Pool Identity page, choose the website name, and in the Application pool identity section, the account name appears by default. Enter the password, and then click Next .

NOTE: To change the account name, click Browse… and select the appropriate Application Pool Identity account name.

  1. After completing the above process, click Install.

Upon successful installation, the Password Manager installs the following sites:

  • Administration Site
  • Helpdesk Site
  • Password Manager Self-Service Site

NOTE:

  • Make sure that you have taken a back up of the current configuration settings. For more information, see To export configuration settings from Password Manager for AD LDS 5.7.1 or later versions.
  • After you uninstall Password Manager 5.7.1 or later versions, all configuration settings will be automatically detected by the new version. For more information on how to install Password Manager, see Installing Password Manager .
  • If you have multiple Password Manager instances installed, when upgrading them, you may experience the following issue: the Realm Instances page of the Administration site displays an incorrect list of installed instances. After you upgrade all instances, the page will display the correct list.

 

IMPORTANT:

  • Switch to the Password Manager Self-Service site option is displayed only in case of in place upgrade.
  • In case of Manual upgrade to 5.9.5, the Self-Service site gets replaced as Password Manager Self-Service site. Hence, post Manual upgrade, you can see only one Self service site (Password Manager Self-Service Site) and legacy self-service site is no more accessible, by default.
  • In case of Manual upgrade, if the Legacy Self-Service site is required, Admin has to install it exclusively, in addition to the existing Password Manager Self Service site. In this case, point to note is that the Enabling Self-Service UI 5.9.5 (Switch to Self-service site (5.9.5 onwards) option will not be applicable.

Password Manager Architecture

Password Manager Components and Third-Party Solutions

This section provides information Password Manager components and third-party applications that can be used by Password Manager.

The following is a list of Password Manager components:

The following is a list of third-party applications that can be used by Password Manager:

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating