Important Updates to Cybersecurity Software
HelpSystems is updating the names of our cybersecurity software, including the Powertech product line. Don’t worry—the functionality of your products won’t change.
See the new names here > New, Clearer Names for HelpSystems Security Software.
Please review the following information before installing or updating Identity Manager. If you are upgrading Identity Manager from version 1, see Upgrading Identity Manager.
Note: For information on upgrading in an HA environment, see Replication of Identity Manager, Exit Point Manager, and Central Administration in an HA Environment.
The Identity Manager installation process also installs Central Administration menu, Powertech’s product integration solution. The following information applies to both Identity Manager and Central Administration; specific values or other information for each product is noted, where applicable.
Identity Manager requires that you enter a valid license key. Contact [email protected] if you need to request a new license key.
Identity Manager requires IBM i version 7.1 or higher.
Note: During installation an FTP connection is initiated. The FTP server responds with messages that prompt for FTP login credentials. The standard port reserved to establish an FTP connection to the IBM i is port 21. Consequently, it is required that this port is open and ‘listening’ on the server in order to establish a connection with the Installation Wizard and facilitate a successful installation. Any firewall or exit program technology on the PC or the IBM i system could potentially block the FTP file upload and remote commands running the installation. Ensure any such firewall or program is configured to permit an FTP connection on port 21. If standard FTP is not permitted, contact Technical Support for instructions on how to manually install the product without the installation wizard.
If FTP is not available, you must install the product manually. See Manual Installation of Powertech IBM i Products.
It is Powertech’s goal not to change system values on customer systems because we recognize that security-conscious organizations have rigorous change control processes in place for even small changes to system values. Therefore, we ask you to make any system value changes that are needed. However, the Identity Manager installation process could change a system value to allow the install to proceed if a system value is not set as specified below. If the Installation Wizard changes a system value during install, it changes it back to its original value when the install completes.
To install Powertech Identity Manager on your system, the following system values that control object restores must be configured as shown.
Ensure the following servers are available and running prior to installation:
Do the following to perform the installation or update:
Download the Powertech Identity Manager installer (setupPowerAdmin2.exe) to your PC from the Identity Manager download page. (The "Trial" download is the full product, which can be unlocked with a valid License Key).
On the Choose Components panel, select which components you want to install. You can choose to install the Manuals and the Software for IBM i. Click Next.
If you’re only installing the Manuals, the process completes and the installer closes. The Manuals have been installed. You can skip the rest of these steps.
Note: The manuals are installed to the following location:
On the IBM i Details panel:
Select or enter the IBM i where you want to load Identity Manager.
Enter a user profile and password that’s a member of the user class *SECOFR and has at least the following special authorities: *ALLOBJ, *SECADM, *JOBCTL, *IOSYSCFG, and *AUDIT. The user profile should have Limit capabilities set to *NO.
(Optional) In the Advanced Settings section:
Enter a port number or use the arrows if you want to change the FTP port number to something other than the default of 21.
Select Secure File Transfer if you want to use FTPS (FTP over SSL) during the file transfer. The default FTPS secure port is 990, but it can be changed to the required secure port for your environment.
In the Timeout (seconds) field, enter the number of seconds the session should be kept active during an FTP transfer. You can choose anywhere between 25 and 1800 seconds (30 minutes).
Note: If the transfer takes longer than the amount of time specified, the session will expire.
You have two options on the Product Load Options panel:
Click Immediate Load if you’d like to load the product on the IBM i now.
Note: If you're doing an update, this ends PowerAdmin until the product load completes. After you are done, we’ll restart the product.
Click Staged Load if you’d like to transfer the objects now and load them on the IBM i at a later time.
Note: See "Loading Staged Objects on the IBM i" (below) for instructions on how to load the staged objects on your selected IBM i system.
The Product Load Progress panel for Identity Manager launches.
If the Product Load Progress panel ends with an overall Failed message, the product upload could not complete properly. To find the reason the upload failed, click View Logs and review your logs. You can also use Download at the top of the logs to save the information for future review.
When the processing is complete, you have two choices:
If this is the only installation or update of Identity Manager that you're doing, click Finish.
If you have installs or updates to do on other IBM i systems, click Restart. Then, return to step 4.
If you chose to stage your objects during step 5b of the installation or update process, do the following to manually load them on the IBM i you identified above.
On the IBM i, execute the following command to display the Work with Loads panel:
Enter option 1, Load, next to the Load Name for Identity Manager and press Enter.
The installation program installs Identity Manager, including the required user profiles and libraries (see table below for details).
The installation process displays the job log name, user, and job log number. Use the WRKSPLF command to display the job log for complete information on the Identity Manager install.
|Installed on System||Description|
PTADMIN, which has special authorities *ALLOBJ, *SECADM, *JOBCTL, *AUDIT, JOBCTL and *IOSYSCFG
PTADMIN - Powertech Identity Manager Administrators
PTWRKMGT (in library PTWRKMGT)
Job Queue Entries
PTPLLIB/PPLJOBQ added to subsystem PTWRKMGT
Objects in QGPL:
Powertech-created Unregistered Exit Points:
POWERLOCK_PL format SYS01000
To start Identity Manager:
Or, use the command WRKPTPA on the command line.
Note: The Identity Manager Administrator's Guide is available at Powertech Product Manuals.
Still have questions? We can help. Submit a case to Technical Support.