Chat now with support
Chat with Support

Starling CertAccess Hosted - Administration Guide for One Identity Active Roles Integration

About this guide Starling CertAccess basics The Starling CertAccess Agent architecture Setting up initial synchronization Starling CertAccess Agent system requirements Installing, updating, and uninstalling Starling CertAccess Agent components Working with the Starling CertAccess Agent

Permissions required for synchronizing with One Identity Active Roles

It is recommended to set up a separate user account to use for connecting to Active Directory through for Active Roles. Use Active Roles Access Templates for the configuration. By using access templates, you delegate administration-relevant permissions to an Active Directory user account but without issuing the permissions directly in Active Directory. For more information about Active Roles Access Templates, see your One Identity Active Roles documentation.

The following Access Templates are suggested for delegating permissions:

  • All Objects - Read All Properties

  • All Objects - Full Control

Starling CertAccess Agent works without controlling Active Roles workflows. To avoid any existing Active Roles workflows, you must add the user account to the Active Roles administrators group.

  • Up to and including Active Roles version 6.9, the administrative group is created during installation of Active Roles. The name of the group is saved in the registry database under:

    • Registration key: HKEY_Local_Machine\Software\Aelita\Enterprise Directory Manager

    • Value: DSAdministrators

  • As from Active Roles version 7.0, you edit the Active Roles Admins in the Active Roles Configuration Center. If a user account is entered in the Active Roles Configuration Center as an Active Roles Admin, this use account must be used. For more information about editing the group or the user account for administrative access, see your One Identity Active Roles documentation.

Installing, updating, and uninstalling Starling CertAccess Agent components

To be able to work with Starling CertAccess, install the Starling CertAccess Agent components on an administrative workstation and on a server. Install the following components:

  • Workstation: Starling CertAccess Launchpad

  • Server: Starling CertAccess Service

All components are automatically updated when your Starling CertAccess instance is updated. To uninstall the components, use the Windows standard functionality for uninstalling programs on the workstation and the server.

Detailed information about this topic

Installing the Starling CertAccess Agent on a workstation

You install the Starling CertAccess Agent on an administrative workstation. An installation wizard helps you with the Starling CertAccess Agent installation.

IMPORTANT: Before you begin the installation, ensure that the workstation fulfills all the system requirements. For more information, see Starling CertAccess Agent system requirements.

To install the Starling CertAccess Agent

  1. Unpack the Starling CertAccess Agent installation package in a temporary directory on the administrative workstation.

  2. Start the autorun.exe file from the temporary directory.

    This starts the installation wizard.

  3. On the start page, select the language for the installation wizard.

  4. Confirm the conditions of the license.

  5. On the Installation settings page, enter the following information.

    • Installation source: Select the temporary directory containing the installation files.

    • Installation directory: Select the directory in which you want to install the files for the Starling CertAccess Agent.

      NOTE: To make additional changes to the configuration settings, click on the arrow button next to the input field. Here, you can specify whether you are installing on a 64-bit or a 32-bit operating system.

      For a standard installation, no further configuration settings are necessary.

  6. On the last page of the installation wizard, click Start to run the Starling CertAccess Launchpad.

  7. Click Finish to close the installation wizard.

The Starling CertAccess Agent is installed for all user accounts on the workstation. In the default installation, Starling CertAccess Agent is installed under:

  • %ProgramFiles(x86)%\One Identity (on 32-bit operating systems)

  • %ProgramFiles%\One Identity (on 64-bit operating systems)

Related topics

Updating the Starling CertAccess Agent

If your Starling CertAccess instance has been update, the Starling CertAccess Agent updates automatically the next time the Launchpad starts. This loads the newest version of the Starling CertAccess Agent and installs it. Starling CertAccess Agent components are also updated automatically on the Job server.

Related topics
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating