Upgrade the Management Console

An upgrade installation is very much like an initial installation with the exception that things like email database configurations, and registration configurations have already been performed.

Before installing the management console, ensure your host server meets the prerequisites as defined in Host System Requirements .

After upgrading the management console and before performing any other steps, be sure to launch the management console at least once. This step is required to upgrade the database.

If you have multiple management consoles, upgrade your primary licensed management console first, launch that console, then upgrade any other management consoles.

  1. Launch the Privileged Identity installer.
  2. Installer

  3. On the Welcome screen, click Next.
  4.  

    License Agreement

  5. Read the entire license agreement. If you agree, select I accept the license agreement, then click Next.
  6.  

     

    User Information

  7. Enter your name and organization name, then click Next.

 

    Select Features

  1. Select the features to install:
    • Privileged Identity is the only required element.
    • PuTTY Terminal Emulator: installs the open source PuTTY software.
    • PDF Encoder (recommended): provides Privileged Identity the ability to turn its compliance reports into PDF documents.
    • RSA SecureID: install this option if RSA multi-factor authentication will be required to access the management console, but this machine will NOT host the web application. If this machine will host the web application, leave this option unselected, as the application will be installed automatically when the web application is installed.
  2. If necessary, click Browse to change the default installation folder. If you have doubts about your available disk space, click Disk Cost.
  3. Click Next.

 

CLR COM Identity Information

  1. Choose the identity to run the CLR COM application. The default is Network Service. The CLR COM Identity is used to provide network and local system access for the solution to various cloud services. Individual account stores (Azure, AWS, ESX, etc.) will be configured with specific connection credentials when they are enrolled. Options for the identity are:
    • Interactive User: Use the same logon information as the calling identity. This is an administrator-level account because the calling identity will either be the admin running the console or the deferred processor service account. This option requires the least configuration but provides significantly more privileges than is required.
    • Network Service (recommended): Use the network service account. For this option you do not have to manage a password or grant additional rights, although in some cloud management cases, you may need to grant additional permissions on the file system.
    • Local Service: Use the local service account. For this option you do not have to manage a password or grant additional rights, although in some cloud management cases, you may need to grant additional permissions on the file system. The local service account has many more rights and privileges than the network service.
    • This User: Use a specified username and password. This user could be a local account that is configured to never authenticate to any other machine in the network (unlike network service or local service), but it does represent another account to manage a credential for. In some cloud management cases, you may need to grant additional permission to it on the file system. This account also needs Logon as a batch rights granted to it.
  2. Click Next.
  3. Once the basic configurations are complete, click Next.
  4.  

    Successful Install

  5. When you receive confirmation that the application has been successfully installed, click Back to make any needed changes or Next to complete the installation.
  6. Launch the program to perform the database upgrade. After this step is complete, repeat steps 1-12 for all other management consoles.
  7. Continue the installation by upgrading the web application, then web service, then deferred and zone processors.