Upgrade the Web Application

The web application is the primary mechanism for users to gain access to the credentials stored in the solution, whether managed or static, as well as to audit access to those credentials. The web application also performs other functions as well such as a secure file store, privilege escalation, and secure personal password store. This section shows how to install the web application from the management console.

For more information on the web application host prerequisites prior to installation, please see Web Application Host Requirements .

  1. In the management console, click the Manage Web App button from the left action pane.
  2. If upgrading from version 5.5.1 or earlier, select your web application from the list and click Remove. This step is necessary because the system name and registry settings have changed.
  3. Manage Web Application Instances

  4. On the Manage Web Application Instances dialog, click Install, located in the lower left corner.


Install Web Application

  1. On the Install Web Application dialog, select the target installation system. Local system is the system you are on now. If installing to a remote system, supply the remote system name as fully qualified domain name.

  3. Click Check System Compatibility. This will perform a check of the target system to validate IIS is accessible, the file system is accessible, and remote registry and remote COM+ access are possible. Fix any access errors before continuing. If the check proceeds without incident, the Web Interface Files section will be filled in automatically.

Web Interface Files

  1. In the Web Interface Files section, supply the following information:
    • Install to target web site: any and all root web sites on the target server will be listed here. Choose the root web site to host the web application.


      Install to Virtual Directory

    • Choose Install to root of web site or Install to virtual directory:
      • Installing to root of web site will replace the existing web site configuration at the targeted web site. The URL of the web application will simply target the name of the server. This makes it easier for end users torecall and type. If the web server is a shared server, you could inadvertently overwrite another web application.
      • Installing to a virtual directory is the safest option, as you will not overwrite any other applications if the target is a shared server. The default virtual directory name is PWCWeb. This name can be changed to any value permitted by IIS. The name supplied here will be appended to the server name. In the default case, the URL will target https://serverName/pwcweb.
    • Web files destination path: this is where the web application files will be copied on the target server. The path is resolved from IIS on the target server, which defaults to %inetpub%\wwwroot. When installing to a virtual directory (default), the path is appended with the name of the virtual directory.
    • Copy alternate web application files to target (not recommended): version 5.5.2 was the last version to provide official support for the legacy web application. Although it is still present in the current installer, it will be removed without notice from future iterations.
  2. Web Application COM Components defines information for the COM application that will be responsible for data access from the web application to the solution data store. Supply the following information:
  3. Web App Components

    • COM+ files destination files path - defaults to C:\Windows\System32 and will install to \\serverName\admin$\syswow64 (c:\windows\syswow64). It is typically not necessary to change this setting.
    • COM+ application name - defaults to PWCWebComApp. You may supply any name you wish. This name is never visible to end users and is purely for identification when using the Windows Components snap-in.
    • Use existing COM application/config if possible - if upgrading from an existing installation, this will attempt to leave the existing COM application configurations intact and simply replace the required COM component files (rouletteweb.dll).
    • COM+ application account - this is the identity that will actually run the COM application. When using Integrated Windows Authentication, this is the account that will be responsible for data access from the database server on the web application's behalf. Enter the username as DomainName\UserName.

    For more information, please see Service Account Requirements.

    • COM+ application password - this is the password for the COM application account.
  4. Click Test COM+ Credentials. This will attempt to validate the credentials defined that are in fact valid credentials.

    Use SSL

  6. In the bottom section of the Install Web Application dialog, identify the use of SSL, provide a custom port if needed, or identify an explicit site address. Use an explicit site address when the URL to access the web application will be different than the serverName (or serverName/virtualDirectoryName). This would be the case when using a load balancer or if the server name will be aliased in DNS.
    • The information entered here has no functional effect on the web site regarding end users. It affects only the web application auto-launch capability from the Manage Web Application Instances dialog in the management console.
  7. Click Web App Settings to configure additional web application options. These options affect security, sessions, and other integrations. For more information, please see Install the Web Application.
    • The one option you must specify is the Web Service URI for REST web service endpoint on the App Options tab. At this point, the web service is not yet installed. However, if the web service will be installed onto the same machine using default settings, the URI will be virtually the same as the URL mentioned above. For example, if the server is defined to use SSL in the previous step on the default port (443) and your SSL cert uses the FQDN of the server (e.g. example.int), then the URI to enter will be https://servername.example.int/erpmwebservice/authservice.svc/REST. Everything after your server name is standard: /erpmwebservice/authservice.svc/REST. If you were behind a load balancer and the name of the load balanced cluster was secureidmstore.example.com the URI to enter would be: https://secureidmstore.example.com/erpmwebservice/authservice.svc/REST.
    • If any information changes, the information can be updated at any time.

    Install Web Application

  8. Click Install.
  9. You may receive a COM Account Confirmation warning after clicking. This dialog will appear if the COM account specified on the installation dialog is different than the currently logged in user. The warning asks you to be sure that the account specified has data store access or the web application will fail to function until the access issue is resolved.

    COM+ Account Confirmation

  11. If you are sure about the account information, click Yes to continue or No to change to a different account.

    Successful Install


  1. When the web application installation is complete, a dialog indicating a successful install will appear. Click OK.
  2. You will next be prompted to launch the web application. Clicking Yes will open your default browser to the URL specified in step 9 above.

    Launch Browser

  4. Click Yes to launch the web application. You will be logged into the web application as [WebApplicationManager]. This is a built-in account. Its password is randomly generated with each installation of this product.

    Manage Web Application Instances

  6. Once the installation of the web applications is complete, the Manage Web Application Instances dialog will be populated with a list of all known web applications.
  7. If the web service is hosted on the same machine, continue to Upgrading the Web Service. If the web service is hosted on a different machine, then start the parent web site in IIS on the web application hosts only.

For more information please see Post Installation or Upgrade Steps for additional steps and verifications.