Starting synchronization
You can also start manually by either running it on your workstation or from the . If you run synchronization from your workstation, you cannot work with the until synchronization is complete. To be able to continue working with the Synchronization Editor during synchronization, run synchronization from the synchronization server.
To start synchronization manually
-
In the Synchronization Editor, open the .
-
Select the Configuration > Start up configurations category.
-
Select a start up configuration in the document view and click Run.
- Confirm the security prompt with Yes.
Defining downstream processes
Certain actions must be run in the One Identity Manager database after has finished. For this, you can define additional processes in the tables, which return base objects. These additional processes are run through the "PostSync" event, which is triggered in the process DPR_DPRProjectionStartInfo_Run_Synchronization.
To create a downstream process for synchronization
- In the , select the Process Orchestration category.
- Start Process Editor using the Create a new process task.
This makes a new element for the process and opens it in the Process Editor.
- Edit at least the following process properties.
Table: |
Table that returns the base object for the synchronization, for example ADSDomain. |
Event: |
PostSync |
- Create the required .
For more information, see the One Identity Manager Configuration Guide.
- Save the changes.
Examples
- To automatically assign employees to Active Directory user accounts, the table ADSDomain contains the process ADS_ADSDomain_SearchAndCreate_FullSync. The process is triggered by the event "PostSync".
- If group memberships cannot be resolved when an Active Directory domain is synchronized, the One Identity Manager finds the Active Directory SIDs of the user accounts. For this, there is the process ADS_ADSDomain_PostSync set on the table ADSDomain. The process is triggered by the event "PostSync".
Processing synchronization steps
When a is processed in a , objects are determined and processed as follows:
- Load slim list of objects to be synchronized
Objects to be synchronized are loaded according to the object matching rules from the target system and the One Identity Manager database. Only key properties, the (if exists) and individually specified schema properties in the system connector are loaded in this case.
TIP: For systems whose schema type only have a few schema properties, this list can already be loaded with all schema properties. This can speed up synchronization.
You can configure the appropriate behavior in the start up configuration when in expert mode. Modify the reload threshold to do this For more information, see Extended properties for start up configuration.
- Use revision filter
Modified object pairs are filtered, if revision filtering is permitted and the target system supports revision filtering The revision filter is applied to the slim list, which means objects that are already loaded. Therefore, objects that only exist in one of the are also processed.
- Load lists of object pairs with all schema properties
One Identity Manager loads list of object and object pairs to be synchronized with all mapped schema properties. The lists are loaded in partitions with a fixed size. Once a partition (for example 1000 object pairs) has been loaded, they are processed asynchronously and at the same time the next partition is being loaded. Therefore, a maximum of two partitions are located in main memory at any time.
- Use mapping
The moment a partition (for example, 1000 list pairs) have been loaded, the mapping is used for all objects and object pairs. Processing methods are subsequently run according to the given condition.
If a is defined for a processing method, all objects to be processed from all partitions are loaded first to check whether the quota is exceeded. If there is a large amount of data, this can affect synchronization performance. If the quota is not reached, the processing method will be run afterward. If the quota is exceeded, the synchronization step is not run and subsequently, synchronization is halted. A message is written to the synchronization log.
Detailed information about this topic
Exporting a synchronization configuration
created for a test database, for example, can be transported to a live database. You use the to do this. To use the synchronization project in the target database, check the connection credentials and change the synchronization configuration to match the target database’s requirements.
Prerequisite
- The schema of both One Identity Manager databases are identical. Customized schema extensions used in the mapping exist in both databases.
To transport a synchronization project to another One Identity Manager database
- Create a transport package for the synchronization project using the Database Transporter.
- Set the Transport synchronization projects option.
-
To select the synchronization project, click Select.
- Click Next.
This exports the data.
NOTE: The transport package does not contain a root object, , or assignments of schedules to start up configurations.
- Import the transport package into the target database with the Database Transporter.
On the Import configuration page, configure the import.
-
If there is a synchronization project in the target database already, configure here, which changes are imported into the target database.
-
Do not change the start up configuration settings: Specifies whether start up configurations, variables, and variable sets are imported.
Set this option so that changes to these objects are not overwritten in the target database. If this option is not set, changes made to these objects in the target database are overwritten by the transport package.
-
Details: Shows an overview of all the objects with their change status. Click Details to show the overview.
To show details of the modification, expand the respective node in the Objects column. To exclude certain object changes from the import package, disable the object.
- Click Next.
Then the transport package data is imported.
After importing is complete, the database is compiled.
- Modify the synchronization project in the target database.
-
Modify the One Identity Manager database connection data and update the schema.
-
Check the target system connection data and the variable set.
-
Configure the base object.
-
Assign a schedule to the start up configuration.
-
Configure the synchronization log.
-
Make any other necessary changes to the settings.
-
Run a consistency check.
-
Activate the synchronization project.
For more information about creating and importing transport packages, see the One Identity Manager Operational Guide.
Detailed information about this topic