Identity Manager 8.1 - Installation Guide

Configuring the Web Portal

Web Portal configuration covers a number of settings. The configuration is saved in the web application configuration files web.config, NLog.config and monitor.config, which are found in the base directory of the web application, and in the table QBMWebApplication of the One Identity Manager database.

Use the Web Designer Configuration Editor (WebDesigner.ConfigFileEditor.exe) to edit the web.config configuration file.

Connection strings and login data are automatically encrypted in the configuration files noted above with the default Microsoft ASP.NET cryptography.
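
One way to confirm that no section of a deployed web.config still holds readable credentials, as an added example (not One Identity code). It assumes the standard ASP.NET protected-configuration layout; the sample file and its key names are constructed.

```python
import xml.etree.ElementTree as ET

# Constructed sample, not a real Web Portal web.config. Assumption: encrypted
# sections use the standard ASP.NET protected-configuration layout, that is a
# configProtectionProvider attribute plus an <EncryptedData> child element.
SAMPLE_WEB_CONFIG = """<configuration>
  <connectionStrings configProtectionProvider="RsaProtectedConfigurationProvider">
    <EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element"
                   xmlns="http://www.w3.org/2001/04/xmlenc#">
      <CipherData><CipherValue>CONSTRUCTED-PLACEHOLDER</CipherValue></CipherData>
    </EncryptedData>
  </connectionStrings>
  <appSettings>
    <add key="ExampleLogin" value="User ID=portal;Password=constructed-example" />
  </appSettings>
</configuration>"""

# Substrings that indicate a readable credential in an attribute value.
SECRET_MARKERS = ("password=", "pwd=", "user id=")


def local(tag):
    """Strip an XML namespace such as {http://...}EncryptedData."""
    return tag.rsplit("}", 1)[-1]


def audit_sections(xml_text):
    """Map each top-level section to 'encrypted', 'plaintext-secret' or 'clear'."""
    result = {}
    for section in ET.fromstring(xml_text):
        name = local(section.tag)
        protected = "configProtectionProvider" in section.attrib and any(
            local(child.tag) == "EncryptedData" for child in section
        )
        if protected:
            result[name] = "encrypted"
            continue
        # Unprotected section: search every attribute value for credentials.
        values = [v.lower() for el in section.iter() for v in el.attrib.values()]
        leaked = any(marker in v for v in values for marker in SECRET_MARKERS)
        result[name] = "plaintext-secret" if leaked else "clear"
    return result


if __name__ == "__main__":
    for name, state in audit_sections(SAMPLE_WEB_CONFIG).items():
        print(f"{name}: {state}")
```
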

To configure a web application

  1. Start the program WebDesigner.ConfigFileEditor.exe from the installation directory of the web application.
  2. Select the configuration file web.config in the Open configuration file view and click Open.
  3. Select the required authentication procedure and log on.

    Make the configuration settings in the individual areas of the Web Designer Configuration Editor.

Configuring the database connection

The current connection settings for the Web Portal can be viewed in the Web Designer Configuration Editor in the Database connection view. You can customize the settings as required.

To select a new database connection

  1. Open the Web Designer Configuration Editor.
  2. In the Database connection area, click Enter new connection.
  3. Select the system type and enter the connection data.
    • For the system type SQL Server, enter the following information.

      Table 39: SQL Server Database Connection Data

      Data | Description
      Server | Database server.
      Windows authentication | Specifies whether integrated Windows authentication is used. This type of authentication is not recommended. If you decide to use it anyway, ensure that your environment supports Windows authentication.
      User | SQL Server login name.
      Password | SQL Server login password.
      Database | Database.

    • For the system type Application server, enter the URL.

Note: In the Options menu, select either Test connection or Advanced options as required.

Authentication data for the web application

The authentication data for the web project and subprojects is configured in the Web Designer Configuration Editor in the Web project area. For detailed information about the authentication modules, see the One Identity Manager Authorization and Authentication Guide.

Table 40: Authentication data for the web project

Setting | Description
Web project | Name of the web project.
Authentication module | Authentication module for logging on to the web project. Note: Some authentication modules support single sign-on. In such cases, a corresponding message is shown beneath the selection.
Perform single sign-on, if an error occurs, using the following module. | If the module selected under Authentication module supports single sign-on, you have the option to specify an alternative authentication method here. This authentication method is used as a fall-back if single sign-on fails for any reason.
Debugging | Activate this option if you want to use a debugging environment.
OAuth | If you use the authentication modules OAuth 2.0 / OpenID Connect or OAuth 2.0 / OpenID Connect (role-based), you make the configuration settings here.
OAuth 2.0 / OpenID Connect configuration | Select the OAuth 2.0 / OpenID Connect configuration that you want to adjust.
Client ID for OAuth authentication | ID of the application on the identity provider. Example: urn:OneIdentityManager/Web
Issuer information for the OAuth certificate | This is used to find the certificate in the certificate store. Either the thumbprint or the issuer of the certificate is required. For example: O=[company name], OU=[organizational unit], CN=[server IP]
OAuth Resource | Uniform Resource Name (URN) of the resource to be queried. Only required if the identity provider requires this value.
Fingerprint for the OAuth certificate | Fingerprint of the certificate used to verify the security token. Either the thumbprint or the issuer of the certificate is required.
Endpoint | Uniform Resource Locator (URL) of the certificate end point on the authorization server. For example: https://certificateServer/certificate.crt
Authentication data for subprojects | Authentication data for subprojects.
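
A check that the value entered under Fingerprint for the OAuth certificate belongs to the certificate file served by the configured endpoint, as an added example (not One Identity code). It assumes the fingerprint is the SHA-1 thumbprint shown in the Windows certificate store; the certificate bytes are constructed placeholders.

```python
import base64
import hashlib
import hmac
import re

PEM_RE = re.compile(
    r"-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----", re.S
)

# Constructed bytes standing in for a DER certificate file. They are not a
# real certificate; the thumbprint is a hash over the raw file content.
CONSTRUCTED_DER = b"\x30\x82\x01\x0a" + bytes(range(32)) * 8
CONSTRUCTED_PEM = (
    b"-----BEGIN CERTIFICATE-----\n"
    + base64.encodebytes(CONSTRUCTED_DER)
    + b"-----END CERTIFICATE-----\n"
)


def to_der(cert_bytes):
    """Accept the content of a PEM or DER certificate file, return DER bytes."""
    match = PEM_RE.search(cert_bytes.decode("latin-1"))
    if match:
        return base64.b64decode("".join(match.group(1).split()))
    return cert_bytes


def thumbprint(cert_bytes):
    """SHA-1 over the DER encoding (assumed format of the Fingerprint setting)."""
    return hashlib.sha1(to_der(cert_bytes)).hexdigest().upper()


def normalize(configured):
    """Drop colons, spaces and invisible characters added by copy and paste."""
    return re.sub(r"[^0-9A-Fa-f]", "", configured).upper()


def matches(configured, cert_bytes):
    """True only if the configured value is a full thumbprint of this file."""
    expected = normalize(configured)
    if len(expected) != 40:  # a SHA-1 thumbprint is 20 bytes, 40 hex digits
        return False
    return hmac.compare_digest(expected, thumbprint(cert_bytes))


if __name__ == "__main__":
    pasted = "\u200e" + thumbprint(CONSTRUCTED_DER).lower()
    print(matches(pasted, CONSTRUCTED_PEM))
```

A value copied from the Windows certificate dialog can carry an invisible left-to-right mark, which is why the comparison runs on the normalized string.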

To enter or change authentication data for a sub project

  1. Open the Web Designer Configuration Editor.
  2. In the Web project area, next to the Authentication for sub projects is missing message, click .
  3. Select the project marked in red in the edit window.
  4. In the Authentication method area, select the required authentication procedure and enter the required login information.
  5. Click OK.

Logging for the web application

The settings for logging the web application are configured in the Web Designer Configuration Editor in the Log area. This view is divided into:

  • General
  • Application log
  • Event log
  • Database log

Table 41: General settings for logging

Setting | Description
Application | Name of the web application.
Company name | Name of the company that uses the web application.
Product title | Software manufacturer’s product name.
Log directory | Directory in which the log files of the web application are saved. The web server process must have write access to this folder.

Table 42: Application log settings

Setting | Description
Severity | Severity level of the log.
Archive every | Maximum runtime of a log file before it is renamed. When a log file has reached its maximum age, the file is renamed and a new log file is started.
Archive numbering | Specifies whether the archive files of the application log are numbered in ascending or descending order.

Table 43: Event log settings

Setting | Description
Severity | Severity level of the log.

Table 44: Database log settings

Setting | Description
Severity | Severity level of the log.
Archive every | Maximum runtime of a log file before it is renamed. When a log file has reached its maximum age, the file is renamed and a new log file is started.
Archive numbering | Specifies whether the archive files of the database log are numbered in ascending or descending order.

Table 45: Permitted severities

Severity Level | Description
Off | No information is logged.
Trace | Logs highly detailed information. This setting should only be used for analysis purposes. The log file quickly becomes large and cumbersome.
Debug | Logs debug steps. This setting should only be used for testing.
Info | Logs all information.
Warning | Logs all warnings.
Error | Logs all error messages.
Fatal | Logs all critical error messages.
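
An audit of NLog.config for rules left at the Trace or Debug severities that Table 45 reserves for analysis and testing, as an added example (not One Identity code). It assumes the generic NLog rule layout with a minlevel attribute; the sample file and its logger, target and variable names are constructed.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample in the generic NLog.config layout, not the file shipped
# with the Web Portal. Logger, target and variable names are hypothetical.
SAMPLE_NLOG = """<nlog xmlns="http://www.nlog-project.org/schemas/NLog.xsd">
  <variable name="appLogLevel" value="Debug" />
  <rules>
    <logger name="*" minlevel="Warning" writeTo="eventLog" />
    <logger name="WebLog" minlevel="${appLogLevel}" writeTo="appLog" />
    <logger name="SqlLog" minlevel="Trace" writeTo="dbLog" />
    <logger name="Quiet" writeTo="appLog" />
  </rules>
</nlog>"""

# Severities from Table 45. NLog's own name for Warning is Warn.
KNOWN = {"off", "trace", "debug", "info", "warn", "error", "fatal"}
ALIASES = {"warning": "warn"}
# Table 45: Trace is for analysis only, Debug is for testing only.
NOT_FOR_PRODUCTION = {"trace", "debug"}
VAR_RE = re.compile(r"\$\{(?:var:)?(\w+)\}")


def local(tag):
    """Strip an XML namespace such as {http://...}logger."""
    return tag.rsplit("}", 1)[-1]


def audit_rules(xml_text):
    """Return (logger name, resolved minlevel, verdict) for every rule."""
    root = ET.fromstring(xml_text)
    variables = {el.get("name"): el.get("value", "")
                 for el in root.iter() if local(el.tag) == "variable"}
    findings = []
    for el in (e for e in root.iter() if local(e.tag) == "logger"):
        raw = el.get("minlevel")
        if raw is None:
            findings.append((el.get("name"), None, "review: no minlevel set"))
            continue
        ref = VAR_RE.fullmatch(raw.strip())
        if ref:  # resolve ${name} or ${var:name} against <variable> entries
            raw = variables.get(ref.group(1), raw)
        level = ALIASES.get(raw.strip().lower(), raw.strip().lower())
        if level not in KNOWN:
            verdict = "review: unknown severity"
        elif level in NOT_FOR_PRODUCTION:
            verdict = "too verbose for production"
        else:
            verdict = "ok"
        findings.append((el.get("name"), level, verdict))
    return findings
```
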