This is not the latest version of Identity Director documentation.
View available documentation.

Upgrade the Management Portal

During the upgrade, the Management Portal is uninstalled automatically, after which the new version is installed.

Installation

  1. Run the Ivanti Identity Director Installer.
  2. When prompted, choose Select and install components and click Next.
  3. In the Features section, select Management Portal.
    If you installed other components on the same device, also select those. Components will be installed in the order in which they are displayed in the Features section.
  4. Start the upgrade and follow the Setup Wizard.
  1. In the Secure Binding step, specify the settings to create an SSL binding for the Management Portal. This step is skipped if you already installed an Ivanti portal on the web server (e.g. an Ivanti Automation or Ivanti Workspace Control Management Portal, or an Ivanti Identity Director Web Portal).
    • The hostname must be known on your internal and external DNS servers.
    • The Management Portal is secured with SSL by default. It uses the HTTPS protocol and port 443 (or another port that you specified).
  2. Associate a server certificate with the binding. This can be a certificate that you obtained from a trusted Certificate Authority, or a self-signed certificate that is automatically generated.
    • You can obtain server certificates for example at www.letsencrypt.org.
    • Ivanti recommends using self-signed certificates only for testing purposes, not in a production environment.
  3. Click Next to start the upgrade.
    In IIS, the upgrade creates the web site RES and deploys the Management Portal as the web application RES > IdentityDirector.
    • If the web site RES already exists, a message is shown. Click Yes to continue.
  4. After installation has completed, click Finish to close the installer.

Configure the encryption key

If you have configured an encryption key for your Transaction Engine(s), this key must also be set for the Management Portal. This encryption key is necessary if you want to use the Execute PowerShell Script workflow action. If you do not set the encryption key during the upgrade, you can do this later.

  • When you first generate the encryption key, make sure you store it in a easily-accessible location for future use.
  • To verify if an encryption key has already been configured for a Management Portal, in the WebConsole.config file1 of the portal, look for encryptionKey="<ENCRYPTED_KEY>" in the webConsoleConfigurationmanagementServicedatabase node.
  • Make sure you use the same encryption key for all Transaction Engines and Management Portals in your Identity Director environment.
    Visible values for the encryption keys of Transaction Engines and Management Portals may be different, even if the actual encryption keys are identical.

For more information about the Execute PowerShell Script workflow action and setting the encryption key after upgrading, see Execute PowerShell Script.

Before you configure an encryption key for the Management Portal, make sure that Load User Profile is set to True for the IIS Application Pool IT Store Management.

There are two methods for configuring an encryption key for the Management Portal:

Management Portal URL

If you specified a hostname identitydirector.example.com, the web application is available at https://identitydirector.example.com/IdentityDirector.

Make sure that you use the same encryption key for the Transaction Engine and the Management Portal components of Identity Director.
When you first generate the encryption key, make sure you store it in a easily-accessible location for future use.
To see if an encryption key has already been configured, look in your web.config file, in the section webConsoleConfiguration > managementService > database > encryptionKey.

Next