OneDesignConfig switches

OneDesignConfig is a PowerShell script for assisting with Identity Panel installations, verifying the current status of an Identity Panel installation and for troubleshooting or regular verification purposes.

The script can be run on both the Identity Panel server and on servers where the Identity Panel Service (PanelTools) has been installed (using the -Scope AgentOnly switch).

When run as part of a Knowledge Package license from SoftwareIDM, the ServiceMode OneDesign option provides automated setup assistance and scheduled verification through a daily run task (See Sample OneDesign Event Logs).

See also:
OneDesignConfig Tests

OneDesignConfig release notes

Common tasks:

Run in online mode, download, install and configure prerequisites for Identity Panel if not installed or verify config if Identity Panel is already installed:
.\OneDesignConfig -RunMode Online

Run in online mode, assume 'no' to any configuration or download prompts:
.\OneDesignConfig -RunMode Online -AnswerMode NoToAll

Run in offline mode, narrow scope to only run tests applicable to the server side
.\OneDesignConfig -RunMode Offline -Scope ServerOnly

Run in offline mode, narrow scope to only run tests applicable to the client side
.\OneDesignConfig -RunMode Offline -Scope AgentOnly

Run in online mode, download and install PanelTools.msi from parent Identity Panel server
.\OneDesignConfig -ServiceMode UpgradePanelTools

Run in online mode, automatically download and install Identity Panel using server name as HostHeader value (requires a Knowledge Package).
.\OneDesignConfig -ServiceMode OneDesign

Usage:
OneDesignConfig.ps1 -RunMode <Online/Offline/DownloadOnly/DownloadAll/Help> [-Scope ServerOnly/AgentOnly/Both/FrontEndOnly] [-AnswerMode Yes/No/Ask [-CustomSource path] [-HostHeader DNS Name]

Runmode

Online - Assume user has internet connectivity and download prereq files to script folder if required (default)
Offline - No downloads of prerequisites will be attempted, files that have been downloaded previously will still be executed normally if they are present in the folder the script is running from
DownloadOnly - Download only files for Identity Panel prerequisites that are not already installed, sets YesToAll, runs tests but does not execute files
DownloadAll - Download all files for Identity Panel prerequisites regardless of installation status, sets YesToAll, does not excecute files, exits afterwards without running any tests
DownloadExtras - Download extra components only, sets YesToAll, does not excecute files, exits afterwards without running any tests

Scope

AgentOnly - Only run tests and downloads for PanelTools Agent Service
ServerOnly - Only run tests and downloads for Identity Panel Web service
Both - Run tests and downloads for both Agent and Server components (Default)
FrontEndOnly - Only run tests and downloads for Front-end services (WebAgent)
BackEndOnly - Only run tests and downloads for Back-end services (MongoDB and Elastic)

AnswerMode

YesToAll - Automatically assume a Yes answer to all configuration questions
NoToAll - Automatically assume a No answer to all configuration questions
Ask - Ask Y/N for each configuration question (Default)

AuthenticationMode

Anonymous - Perform web request tests without authentication
DefaultCredentials - Perform web request tests using logged on user (Default)

CustomSource: - Directs Add-WindowsFeature to use a custom source path to OS installation files
HostHeader: - DNS name for Identity Panel installation (Default: <hostname>)
PanelWebPort: - TCP port the Identity Panel website listens on (Default: 80)
IDPProtocol: - Protocol used for Identity Panel website (Default: http)
PanelWebIPAddress: - IP address for Identity Panel website (Default: *)

DBInfo

Errors - Show last 5 errors from IdentityPanel database
Roles - Show security Roles and memberships in IdentityPanel database
Licenses - Show licenses in IdentityPanel database
Schedules - Show schedules defined in IdentityPanel database
Providers - Show providers defined in IdentityPanel database

Advanced tasks:
ServiceMode

Normal - Runs pre-installation diagnostics, setup tasks and post-installation verification tasks (default)
OneDesign - Runs iterative setup and verification tasks, requires SIDM Knowledge Pack License
MinorUpgrade - Download and upgrade Identity Panel Web minor version
MajorUpgrade - Download and upgrade Identity Panel Web major version
DownloadPanelTools - Download IdentityPanel Service (PanelTools) from IdentityPanel server defined in config.json
UpgradePanelTools - Download and upgrade IdentityPanel Service (PanelTools) from IdentityPanel server defined in config.json
ResetScheduler - Reset executing status of all currently running schedules

Purge

History-Rescan - Completely purge all historical data from the IdentityPanel database and run PanelTools scan
History-SkipRescan - Completely purge all historical data from the IdentityPanel database without running PanelTools scan
Roles - Delete all custom roles and reset roles to default in IdentityPanel database
Security - Delete all custom security settings and reset to default in IdentityPanel database
Licenses - Delete all license information from IdentityPanel database
Schedules - Delete all schedules from IdentityPanel database
Providers - Delete all Providers from IdentityPanel database

IndexDB - Perform operations on IdentityPanel database using webagent.exe

FullReindex - Initiate full reindexing of IdentityPanel database using webagent.exe
Index - Move pending search data into full-text index in Identity Panel database using webagent.exe
Upgrade - Migrate database schema information for Identity Panel database after upgrade using webagent.exe

PanelToolScan: - Perform operations within PanelTool.exe

FullScan - Initiate full scan of MIM Sync database using PanelTool.exe with -full switch
ScanLastRun - Scan last run on MIM Sync MA using PanelTool.exe with -lastrun switch

KillSwitch - Terminate the supplied target process

IdentityPanel - Terminate IdentityPanel.exe web service process
IdentityPanelAndIISReset - Terminate IdentityPanel.exe web service process and run IISReset afterwards

BackupDBTo - Backup IdentityPanel Database to <path> using mongodump.exe
RestoreDBFrom - Restore IdentityPanel Database from <path> using mongorestore.exe

IDPServices - Perform tasks on IdentityPanel services on this server (use with Scope switch for ServerOnly/AgentOnly/Both)

StartAll - Start all IdentityPanel services on this server
StopAll - Stop all IdentityPanel services on this server
DeleteAll - Delete all IdentityPanel services from this server

AutoReboot - $false (default) or $true. If $true, automatically reboots server if pending reboot requirement is detected and reruns script after reboot (requires ServiceMode OneDesign as argument)

Examples:

BackupDBTo: .\OneDesignConfig.ps1 -BackupDBTo C.\Admin\MyBackupFolder

Checks if target folder is present and empty
Creates target folder specified if not present
Backs up Identity Panel database to the specified folder

restoreDBFrom: .\OneDesignConfig.ps1 -RestoreDBFrom C.\Admin\MyBackupFolder

Checks if a valid backup exists in target folder
Stops Identity Panel Database
Renames current database folder to date/time folder name
Creates new 'db' folder
Starts Identity Panel Database
Runs MongoRestore operation from target folder
Runs WebAgent --upgrade on restored database
Runs WebAgent --reindex on restored database

ServiceMode UpgradePanelTools: .\OneDesignConfig.ps1 -ServiceMode UpgradePanelTools

Stops Identity Panel Service
Downloads new version of PanelTools.msi from parent Identity Panel server
Executes PanelTools.msi with information pulled from local config.json file in PanelTools folder
Starts Identity Panel Service

ServiceMode MinorUpgrade: .\OneDesignConfig.ps1 -ServiceMode MinorUpgrade

Stops all Identity Panel Services
Downloads updated Identity Panel MSI file from SoftwareIDM web site
Installs downloaded MSI file in quiet mode
Iteratively runs OneDesignConfig post-upgrade to add previous IIS bindings and configure required other changes
Starts all Identity Panel Services
Runs WebAgent --reindex after services have been started