Enhancements
Download: Releases · piyush-khandelwal-sp/idn-admin-console · GitHub
Download: https://github.com/piyush-khandelwal-sp/idn-admin-console/releases
Project: https://github.com/piyush-khandelwal-sp/idn-admin-console
Discussion: https://github.com/piyush-khandelwal-sp/idn-admin-console/discussions
So this snuck it without much fanfare but I was waiting for this feature (and just in time) as a client had just asked about it.
IDN is a great SaaS platform application which requires very little on-prem deployments. VA (Virtual Appliance) is obviously the key one but all the security and patching is managed by SailPoint itself.
IQService is another must have tool for most clients as it is needed for AD Provisioning (among few other things it does for other connectors). So its generally deployed in nearly every client instance. One of the main thing about this is that it was not autoupdated and thus client needed to download the latest and do an update themselves. Although its not a lot (maybe twice a year) but still good to have a software which can patch itself to latest version. And of course this is optional and who don’t want this can choose not to install the feature but we highly recommend it.
You DON’T need to give internet access to the IQService boxes to download latest updates. The latest IQService binaries are pushed to and are present on VA. This is via our existing process of update bundles being pushed to VA from cloud. At connector level, version is checked for IQService and if there is mismatch (new version available), latest version will be pushed out to UpdateService from the VA (As they already have line of sight to each other). Then UpdateService will coordinate and update local and then remote services. It is quite simple process where in the respective services are stopped and binaries are replaced.
Article assumes you know what IQService is and where to deploy it. I will quickly give some commands on how to do so with the latest release. I will show various setups and quick commands to run to update them.
NOTE: You must have Provisioning License to use IQService. Talk to your CSM about it and make sure you are licensed to use it.
Documentation: https://documentation.sailpoint.com/connectors/iqservice/help/integrating_iqservice_admin/intro.html
1 2 3 4 5 6 |
IQService.exe -v // keep a copy for backup IQService.exe -a list /// keep a copy of registered users for backup IQService.exe -u //uninstall the service //Keep a copy of existing IQService logs and delete the files in folder //Download latest IQService files in the folder. |
1 2 3 4 5 |
IQService.exe -i -o 5060 //install with TLS port 5060 IQService.exe -a abc\sailpoint // register user with service IQService.exe -z "tcp://localhost:5062" // Enable UpdateService for TCP on port 5062 IQService.exe -z "tcps://localhost:5062" // Enable UpdateService for TCPS on port 5062 IQService.exe -t //restart service |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 |
C:\SailPoint\IQService>IQService.exe -v ServiceName : IQService-Instance1 Display Name : SailPoint IQService-Instance1 Configured TLS Port : 5060 Connection Read Timeout : 15 Update Interval : 30 Build version : IQService-Jun-2022 Build timestamp : 06/15/2022 12:38 AM -0500 Build location : master Build builder : jenkins Build Number : 250 Executable : C:\SailPoint\IQService\IQService.exe File Size : 68416 File Date : 11/07/2022 4:44:53 PM Trace Level : 1 [ error ] Secondary Service : IQService-Instance1-Secondary Secondary Service TLS Port: 5061 Secondary Service Status : RUNNING UpdateService Host : dc1.abc.local UpdateService Port : 5062 UpdateService Name : IQService-Instance1-UpdateService UpdateService Status : RUNNING UpdateService Version : UpgradeService-Jun-2022 |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 |
C:\SailPoint\IQService\UpdateService>UpdateService.exe -v ServiceName : IQService-Instance1-UpdateService Display Name : Sailpoint IQService-Instance1-UpdateService Primary Service : IQService-Instance1 Configured Port : 5062 Build version : UpgradeService-Jun-2022 Build timestamp : master Build location : jenkins Build Number : 250 Executable : C:\SailPoint\IQService\UpdateService\UpdateService.exe File Size : 59200 File Date : 11/07/2022 4:44:54 PM TLS Enabled : True Trace Level : 1 [ error ] Connection Read Timeout: 15 |
1 2 3 4 5 |
IQService.exe -i -b -o 5060 // Install with TLS port 5060 and without fallback implementation (secondary service) IQService.exe -a abc\sailpoint // Register user with service IQService.exe -z "tcp://localhost:5062" // Enable UpdateService for TCP on port 5062 IQService.exe -z "tcps://localhost:5062" // Enable UpdateService for TCPS on port 5062 IQService.exe -t //restart service |
1 2 3 4 5 |
IQService.exe -i -b -o 5060 // Install with TLS port 5060 and without fallback implementation (secondary service) IQService.exe -a abc\sailpoint // Register user with service IQService.exe -z "tcp://iqservice1.abc.local:5062" // Enable UpdateService for TCP on port 5062 IQService.exe -z "tcps://iqservice1.abc.local:5062" // Enable UpdateService for TCPS on port 5062 IQService.exe -t //restart service |
That is it!!! you should have an IQService which can update itself and keep the environment updated with latest features and bug fixes.
Download: https://github.com/piyush-khandelwal-sp/idn-admin-console/releases
Project: https://github.com/piyush-khandelwal-sp/idn-admin-console
Discussion: https://github.com/piyush-khandelwal-sp/idn-admin-console/discussions
New release for IDN Admin Console
Download: https://github.com/piyush-khandelwal-sp/idn-admin-console/releases
Project: https://github.com/piyush-khandelwal-sp/idn-admin-console
Discussion: https://github.com/piyush-khandelwal-sp/idn-admin-console/discussions