Identity Manager 8.1 - Installation Guide

About this Guide One Identity Manager overview Installation prerequisites Installing One Identity Manager Installing and configuring the One Identity Manager Service Automatic updating of One Identity Manager Updating One Identity Manager Installing and updating an application server Installing the API Server Installing, configuring and maintaining the Web Portal Installing and updating the Manager web application Logging in to One Identity Manager tools Error handling Appendix: Creating a One Identity Manager database for a test or development environment from a database backup Appendix: Extended configuration of the Manager web application Appendix: Machine roles and installation packages Appendix: Settings for a new SQL Server database

Setting up permissions for creating an HTTP server

The log files of the One Identity Manager Service can be displayed using an HTTP server (http://<Servername>:<Portnumber>).

Users require permission to open an HTTP server. The administrator must grant URL approval to the user to do this. This can be executed with the following command line call:

netsh http add urlacl url=http://*:<port number>/ user=<domain>\<user name>

If the One Identity Manager Service has to run under the Network Service (NT Authority\NetworkService) user account, explicit permissions for the internal web service must be granted. This can be executed with the following command line call:

netsh http add urlacl url=http://<IP address>:<port number>/ user="NT AUTHORITY\NETWORKSERVICE"

You can check the result with the following command line call:

netsh http show urlacl

Communications ports and firewall configuration

One Identity Manager is made up of several components that can be executed in different network segments. In addition, One Identity Manager requires access to various network services, which can also be installed in different network segments. You must open various ports depending on which components and services you want to install behind the firewall.

The following ports are required:

Table 13: Communications port
Default port Description

1433

Port for communicating with the One Identity Manager database.

1880

Port for the HTTP protocol of One Identity Manager Service.

2880

Port for access tests with the Synchronization Editor, such as in the target system browser or for simulating synchronization.

80

Port for accessing web applications.

88

Kerberos authentication system. (if Kerberos authentication is implemented).

135 Microsoft End Point Mapper (EPMAP) (also, DCE/RPC Locator Service).
137 NetBIOS Name Service.
139 NetBIOS Session Service.

Other ports for connecting to target systems are also required. These ports are listed in the corresponding guides.

Installing One Identity Manager

The following steps are required to install One Identity Manager:

  1. Installation of One Identity Manager tools on the administrative workstation on which the One Identity Manager database schema installation will be started.
  2. Installing and configuring the One Identity Manager database.
  3. Setting up the server, which handles the SQL processes.
    1. The server must be entered in the database as a Job server with the server function SQL processing server.
    2. A One Identity Manager Service with direct access to the One Identity Manager database must be installed and configured on the server.

    Note: Multiple SQL processing servers can be set up to spread the load of SQL processes.
  4. Setting up an update server for automatic software updating of other servers.
    1. The server must be entered in the database as a Job server with the server function Update server.
    2. A One Identity Manager Service with direct access to the One Identity Manager database must be installed and configured on the server.

NOTE: You can proceed with setting up an SQL processing server and the update server using the Configuration Wizard.

You can also install the following:

  • Install more workstations

  • Install more server with One Identity Manager Service

  • Install an application server

  • Install the Web Portal on a Web server

  • Install the Operations Support Web Portal on a Web server

  • Install the Password Reset Portal on a Web server

    For detailed information about installing and configuring the Password Reset Portal, see the One Identity Manager Web Application Configuration Guide.

  • Install the Manager web application on a Web server

  • Install more Web services like SPML Web service or SOAP Web Service.

    For detailed information about installing the web services, see the One Identity Manager Configuration Guide.

You can install and update the One Identity Manager using the following methods.

  • Use the installation wizard to install the One Identity Manager components on workstations for the first time.
  • Use the installation wizards to install the One Identity Manager Service on servers for the first time or remote with the Server Installer.
  • To update an existing installation use the auto update software.
  • Use the installation wizard to manually update individual workstations and servers.
Detailed information about this topic

Before you start installing One Identity Manager

  • Before installing the One Identity Manager, ensure that the workstations and servers meet the minimal hardware and software requirements.
  • End all programs and service components otherwise installation cannot begin.

NOTE: A separate upgrade package is available for the update from One Identity Manager version 6.x to One Identity Manager version 7.0. For all inquiries, please contact the support desk. To access the Support Portal, go to https://support.oneidentity.com/identity-manager/.

Detailed information about this topic
相关文档