Identity Manager 8.1 - Installation Guide

About this Guide One Identity Manager overview Installation prerequisites Installing One Identity Manager Installing and configuring the One Identity Manager Service Automatic updating of One Identity Manager Updating One Identity Manager Installing and updating an application server Installing the API Server Installing, configuring and maintaining the Web Portal Installing and updating the Manager web application Logging in to One Identity Manager tools Error handling Appendix: Creating a One Identity Manager database for a test or development environment from a database backup Appendix: Extended configuration of the Manager web application Appendix: Machine roles and installation packages Appendix: Settings for a new SQL Server database

Installing the Manager web application

One Identity Manager requires each web application to be defined in one language. If you wish to publish an application in two languages, you must install two separate applications. Web Installer installs one application per language by default.

You can define a language pool for these applications if several application are running at once. If a user calls up a web application from the language pool, he is automatically diverted to the web application which matches his language. It is, therefore, not important to declare all the web application URLs in the language pool.

This mechanism also allows you to achieve simple load balancing.

IMPORTANT: Start the Manager web application installation on the server.

To install the Manager web application

  1. Launch autorun.exe from the root directory of the One Identity Manager installation medium.
  2. Go to the Installation tab and select the entry Web based components and click Install. Starts the Web Installer.
  3. On the start page of the Web Installer, select ManagerInstall web application and click Next.
  4. On the Database connection page, enter the connection credentials for the One Identity Manager database.
  5. Configure the following settings on the Select setup target page.
    Table 49: Settings for the installation target
    Setting Description
    Application name Name used as application name, as in the title bar of the browser, for example.
    Target in IIS Internet Information Services web page on which to install the application.
    Enforce SSL Specifies whether insecure websites are available for installation. If the option is set, only sites secured by SSL can be used for installing. This setting is the default value. If this option is not set, insecure websites can be used for installing.

    URL

    The application's Uniform Resource Locator (URL).

    Install dedicated application pool

    Specifies whether an application pool is installed for each application. This allows applications to be set up independently of one another. If this option is set, each application is installed in its own application pool.

    Application pool

    The application pool to use. This can only be entered if the option Install dedicated application pool is deactivated.

    If you use the DefaultAppPool default value, the application pool is defined using the following syntax:

    <application name>_POOL

    Identity

    Permissions for executing an application pool. A default identity or a user defined user account can be used.

    If you use the DefaultAppPool default value, the user account is defined using the following syntax:

    IIS APPPOOL\<application name>_POOL

    If you want to authorize another user, click ... next to the text box, activate the option Custom account, and enter the username and password.

    Web Authentication

    Specifies the type for authentication against the web application. You have the following options:

    • Windows Authentication (single sign-on)

      The user is authenticated against the Internet Information Services using their Windows user account and the web application performs a role-based login for the employee assigned to this user account. If single sign-on is not possible, the user is diverted to a login page. This authentication method can only be selected if Windows authentication is installed.

    • Anonymous

      Login is possible without Windows authentication. The user is authenticated anonymously against Internet Information Services and the web application, and the web login diverts to a login page.

    Database authentication

    NOTE: You can only see this section if you have selected an SQL database connection in the Database connection view.

    Specifies the type for authentication against the One Identity Manager database. You have the following options:

    • Windows Authentication

      The web application is authenticated against the One Identity Manager database with the Windows user account under which its application pool is running. Login is possible with a user defined user account or a default identity for the application pool.

    • SQL authentication

      Login is only possible through a user defined user accounts. Authentication is done using user name and password. This access data is saved in the web application configuration as computer specific encrypted.

  6. Specify other application specific settings on the Configuration page.
    1. Select the language of the application from the Language menu. The language influences how dates and numbers displayed amongst other things.
    2. The web application requires access permissions to itself. If you selected the authentication type Windows authentication (single sign-on) for the Web authentication, enter the domain, user account, and password for the user. For anonymous web authentication, no further entries are required.
  7. Installation progress is displayed on the Setup is running page. Once installation is complete, click Next.
  8. Click Finish on the last page to end the program.

NOTE: The Web Installer generates the web application and the corresponding configuration files (web.config) for each directory. The Web Installer uses default values for the configuration settings. You can keep these values. It is recommended you check the settings with the help of the Manager Web Configuration Editor.

Related Topics

Displaying the Manager web application

The Manager web application is accessed via a browser front end.

Use the appropriate URL for this:

http://<server name>/<application name>

https://<server>/<application name>

Updating the Manager web application

NOTE:

  • We recommend that you perform the automatic update only in specific maintenance windows, in which the application cannot be accessed by users and the application can be manually restarted with no risk.
  • The following permissions are required for automatic updating:
    • The user account for updating requires write permissions for the application directory.
    • The user account for updating requires the local security policy Log on as a batch job.
    • The user account running the application pool requires the local security policies Replace a process level token and Adjust memory quotas for a process.

The application update happens automatically if the plugin "Auto update" is enabled for the web application.

To run an update, first load the files to be updated into the One Identity Manager database. The necessary files are loaded into the One Identity Manager database and updated when a hotfix, a service pack or a full version update is run.

The Automatic update plug-in performs a check when the application is started, and every approx. 5 minutes thereafter. New files are loaded from the database as they are identified. The plug-in cannot update the files while the application is running. The update waits until the application is restarted.

The application is restarted automatically by the web server when it has been idle for a defined length of time. This may take some time or be hindered by continuous user requests.

Related Topics

Uninstalling the Manager web application

To uninstall a web application

  1. Launch autorun.exe from the root directory of the One Identity Manager installation medium.

  2. On the start page o the installation wizard:

    1. Select the Installation tab.

    2. Select Web-based components and click Install.

      Starts the Web Installer.

  3. On the Web Installer start page, click Uninstall a One Identity Manager web application and click Next.

  4. The Uninstall a One Identity Manager web application page displays all installed web applications.

    1. Select the web application you want to remove by double-clicking it.

      The icon is displayed in front of the application.

    2. In the Authentication method area, select an authentication method and enter the corresponding login data.

    3. To start uninstalling the web application(s), click Next.

    1. Confirm the security prompt with Yes.

  5. The uninstall progress is displayed on the Setup is running page.

  6. Once installation is complete, click Next.

  7. On the Wizard complete page, click Finish.

  8. Close the autorun program.

相关文档