Chat now with support
与支持团队交流

Identity Manager 8.1 - Installation Guide

About this Guide One Identity Manager overview Installation prerequisites Installing One Identity Manager Installing and configuring the One Identity Manager Service Automatic updating of One Identity Manager Updating One Identity Manager Installing and updating an application server Installing the API Server Installing, configuring and maintaining the Web Portal Installing and updating the Manager web application Logging in to One Identity Manager tools Error handling Appendix: Creating a One Identity Manager database for a test or development environment from a database backup Appendix: Extended configuration of the Manager web application Appendix: Machine roles and installation packages Appendix: Settings for a new SQL Server database

Updating One Identity Manager components

You can use the automatic software update method for updating the workstations and servers.

In some cases it may be necessary to update the workstations and servers manually using the installation wizard. This might be required, for example, if there are a significant number of new changes with a One Identity Manager version update, which do not allow the use of automatic update.

NOTE: When changing versions, use the installation wizard to update the workstation on which the schema installation of the One Identity Manager database is started.

To update a workstation using the installation wizard

  1. Execute the program autorun.exe from the root directory on the One Identity Manager installation medium.

  2. Change to the Installation tab. Select the edition you have installed and click Install.

  3. This starts the installation wizard. Select the language for the installation wizard on the start page and click Next.

  4. Confirm the conditions of the license.

  5. On the Installation settings page, enter the following information.

    Table 29: Settings for the installation

    Setting

    Description

    Installation source

    Select the directory containing the installation files.

    Installation directory

    Select the directory of your previous One Identity Manager installation. Otherwise the components are not updated and a new installation is created in the second directory instead.

    Note: To make further configuration settings, click on the arrow button next to the input field. Here, you can specify whether you are installing on a 64-bit or a 32-bit operating system.

    For a standard installation, no further configuration settings are necessary.

    Select installation modules using the database

    Set this option to load the installation information using the existing One Identity Manager database.

    NOTE: Leave this option empty to install the workstation on which you start the One Identity Manager schema installation.

    Add further modules to the selected edition

    Set this option to add additional One Identity Manager modules to the selected edition

  6. On the Module selection page, also select the modules to be installed.

    NOTE: This page is only shown if you set the option Add more modules to the selected Edition.

  7. Enter the database connection data on Connect to database.

    Note: This page is only shown if you have set the Select installation modules with existing database option.

    1. Select the connection in Select a database connection.

      - OR -

      Click on Add new connection, select a system type and enter connection data.

      Table 30: SQL Server Database Connection Data
      Data Description

      Server

      Database server.

      Windows authentication

      Specifies whether integrated Windows authentication is used. This type of authentication is not recommended. If you decide to use it anyway, ensure that your environment supports Windows authentication.

      User

      SQL Server Login name.

      Password

      SQL Server login password.

      Database

      Database.

    2. In the Authentication method area, select the authentication module and enter the logon data for the system user ID.

      Which login data you require depends on the authentication module selected.

  8. On the Assign machine roles page, define the machine roles.

    Note: The machine roles appropriate for the One Identity Manager modules are activated. All machine subroles are selected when you select the machine role. You can deselect individual packages.
  9. You can start different programs for further installation on the last page of the install wizard.

    • To perform installation of the One Identity Manager schema, start the Configuration Wizard and follow the instructions of the Configuration Wizard.

      Note: Perform this step only on the work station on which you start the installation of the One Identity Manager schema.

    • To create the configuration of the One Identity Manager Service, start the program Job Service Configuration.

      Note: Execute this step only on servers on which you have installed the One Identity Manager Service.

  1. Click Finish to close the installation wizard.
  2. Close the autorun program.

To update the One Identity Manager Service using the installation wizard

  1. Open the service management of the server and close the One Identity Manager Service.
  2. Update the One Identity Manager components with the installation wizard.
  3. Check the login information of the One Identity Manager Service. Revert to the original settings if the One Identity Manager Service did not initially use the local system account for logging in. Specify the service account to be used.
  4. Start the One Identity Manager Service in service management.
Related Topics

Updating the One Identity Manager database

Automatic version control is integrated into One Identity Manager, ensuring that One Identity Manager components are always consistent with each other and with the database. If program extensions that change the structure are implemented, for example, table extensions, the database needs to be updated.

You need to update the database if hotfixes and service packs for your installed version of One Identity Manager are available or complete version updates. In addition, customer-specific changes must be transferred from a development database into the test database and into the production system database.

IMPORTANT: Test changes in a test system before you load a transport package in a productive system.

The One Identity Manager schema is customized by loading so-called ‘transport packages’. One Identity Manager recognizes the following types of transport packages that can be copied to the database depending on requirements.

Table 31: Transport package
Transport Package Type Description Tool Used

Migration package

Migration packages are provided by for the initial database schema installation, for service pack and complete version updates. A migration package contains all the necessary tables, data types, database procedures, and the default One Identity Manager configuration.

Configuration Wizard

Hotfix package

Hotfix packages are provided to load individual corrections to the default configuration such as templates, scripts, processes, or files into the database.

NOTE: If a hotfix package only contains changed files, load these files into the database using the Software Loader file.

Database Transporter

Software Loader

Custom configuration package

A custom configuration package is used to exchange customer specific changes between the development, test and productive system database. This transport package is created by the customer and loaded into the database.

Database Transporter

NOTE: If more custom configuration adjustments are made to a One Identity Manager database, then create a custom configuration package and import this transport package in the target database with the Database Transporter. There is no support for merging a hotfix package with a custom configuration package into one transport package.

Related Topics

Notes on updating the One Identity Manager database

  • Test changes in a test system before you load a migration package in a production system. Use a copy of the production database for testing.

  • Before you update the One Identity Manager schema, ensure that the administrative system user who is going to compile the database has a password. Otherwise the schema update cannot be completed successfully.

  • Use the Configuration Wizard to update the One Identity Manager database if you have received a service pack or complete version update. The Configuration Wizard carries out the update of the schema and transfers the current status to the version history.

  • For performance reasons, we recommend that you set the database to the Simple restore model during the schema update.

  • Start Configuration Wizard on an administrative workstation.

  • Select a user who has at least administrative permissions for the One Identity Manager database to update the One Identity Manager schema with the Configuration Wizard.

    • Use the same user as you used for initially installing the schema.

    • If you created an administrative user during schema installation, use that one.
    • If you selected a user with Windows authentication to install the schema, you must use the same one for updating.

  • For the period of the update, the database is set to single user mode. Close all existing connections to the database before starting the schema update.

  • After the update has completed, the database is automatically switched to multiuser mode. If it is not possible, you receive a message in which you can manually switch to multiuser mode.

  • You may experience problems activating single-user mode when using database mirroring.

  • During the update, calculation tasks are queued in the database. These are processed by the DBQueue Processor. Processing calculation tasks may take some time depending on the amount of data and system performance.

    This is particularly the case, if you save large amounts of historical data in the One Identity Manager database such as change data or data from process handling.

    Therefore, ensure that you have configured an appropriate procedure for archiving the data before you update the database. For more information about archiving data, see the One Identity Manager Data Archiving Administration Guide.

  • To ensure that HTML applications are be successfully compiled, you must download packages from the NPM repository. Ensure that the workstation you are compiling on, can establish a connection to the website registry.npmjs.org:443.

    Alternatively, you can download packages from a proxy server and install them manually.

Detailed information about this topic

Updating the One Identity Manager database with the Configuration Wizard

IMPORTANT: Test changes in a test system before you load a migration package in a productive system. Use a copy of the production database for testing.

NOTE: Always start the Configuration Wizard on an administrative workstation!

To update a database

  1. Start the Configuration Wizard.
  2. Select Update database on the Configuration Wizard home page and click Next.
  3. Select the database and install directory on the Select database page.
    1. Select the connection in Select a database connection Select a user who has at least administrative permissions for the One Identity Manager database.

    2. Select the directory with the installation files in Installation source.

  4. Configuration modules and version information are shown in the Product description page.

    1. Select the module you want to update.
    2. Confirm that you have an up-to-date backup of database.
    3. Confirm that the database consistency checks were executed.
    4. Set Add other modules to select other modules.
  5. Select the additional module on the Select configuration modules page.

    NOTE: This page is only shown if you set Add more modules.

    NOTE: If you add more modules, your custom administrative users obtain the permissions for this module.

  6. Other users with existing connections to the database are displayed on the Active sessions page.

    • Disconnect the connections on order to start database processing.
  7. On the Create a new login for administrators page, decide which SQL server login to use for administrative users.

    NOTE: This page is only shown when updating a One Identity Manager database with version 7.0, 7.1 or 8.0 to version 8.1.

    You have the following options:

    • Create new SQL Server logins for the database: Select this option if you want to set up a new administrative login on the SQL Server. Other SQL Server logins with permissions for system configuration and for end users are created after the database has been migrated.

      Enter the login name, password and password confirmation for the new SQL Server login.

    • Use the current SQL Server login for the database: If you select this option, no other SQL server logins are created for the database. In this case, you cannot work with granular permissions concepts at SQL level. The user you specified is used to connect to the database.

      NOTE: If you want to switch to granular permissions at a later time, contact Support. To access the Support Portal, go to https://support.oneidentity.com/identity-manager/.

  8. Error that prevent processing the database are displayed on the Database check page. Correct the error before you continue updating.

  9. The installation steps are shown on the Processing database page. Installation and configuration of the database is automatically carried out by the Configuration Wizard.

    TIP: Set Advanced to obtain detailed information about processing steps and the migration log.

    1. You must login as an administrative user to compile the system.
      1. Enter a user name and password for the administrative system user.
      2. Click Log in.
    2. Once processing is complete, click Next.
  10. On the Create SQL server logins page, enter the login name, the password and password confirmation for the SQL Server logins for configuration users and end users.

    NOTE: This page is only shown when updating a One Identity Manager database with version 7.0, 7.1 or 8.0 to version 8.1.

  11. You can configure the vendor notification on the page, Configure vendor notification.

    NOTE: This page is only shown of you have not yet enabled vendor notifications.

    If vendor notification is enabled, One Identity Manager generates a list of system settings once a month and sends it to One Identity. This list does not contain any personal data. The list will be reviewed by our customer support team who will look for material changes in a proactive effort to identify potential issues before they materialize on your system. The lists may be used by our R&D staff for analysis, diagnosis, and replication for testing purposes. We will keep and refer to this information for as long as your company remains on support for this product.

    1. To use the function, set Enable vendor notification and enter your company's contact email address in Email address for contact.

      The email address is used as the sender address for notifying vendors.

    2. Set Disable vendor notification if you do not want to use this functionality.
  12. Click Finish on the last page of Configuration Wizard.
Related Topics
相关文档