Chat now with support
Chat with Support

Identity Manager 9.2 - Administration Guide for Connecting to Native Databases through Database Systems Integration Module

Database Systems Integration Module Installing DSI Working with Oracle Database Working with MSSQL Working with SAP HANA Working with the MySQL database template User scenario Troubleshooting

Provisioning logins in MS SQL

Provisioning of Login Accounts in MS SQL Server can be automated through account definitions in One Identity Manager. To automate the provisioning of Login Accounts, create an account definition for UNSAccountB and specify the MS SQL target system. Ensure that the account definition has the associated mappings with UNSAccountB for the successful processing of Login creation process.

Automating Login Account creation

The user accounts from the Active Directory (AD) are synchronized using the Active Directory connector for One Identity Manager. After synchronizing, the corresponding entries are displayed in the Identity section of the Manager tool. Assigning an account definition for the identity and saving operation creates a Windows Login for the Active Directory account in MS SQL Server.

Automating Login Account creation

  1. Create an account definition for the MS SQL Server target system using the Manager tool.
  2. Define an IT operating data mapping for AccountType column of the UNSAccountB table.

    IMPORTANT:

    • The template in the Value Calculation field must have the phrase TSB_ITDataFromOrg for the columns to be available for mapping. A comment line can also be added with TSB_ITDataFromOrg.
    • To provision Windows Login, as a default value WINDOWS_LOGIN must be specified.
    • AccountName in the UNSAccountB table is used by the MS SQL script to provision the Login

  1. After the account definition is configured, assign it to the Identity.
  2. Click Save.

    An entry is created in the UNSAccountB table and the process for provisioning of Login is triggered.

    NOTE:

    • If there is an issue in automating the Login Account creation, check the job queue for a detailed information about the issue.
    • Ensure that the correct values have been set in the AccountType and LoginName fields of the UNSAccountB table in the Manager tool.

Troubleshooting

Issues related to the use of this module range from server-related issues to Job server latencies. Some of the issues that can affect the use of this module are mentioned here:

  • Network issues connecting the database instance with the Job server handling database synchronization and provisioning tasks.

  • For details about the errors related to Microsoft SQL Server and Oracle databases, see the Job server logs.

  • Detailed information on the errors for the SAP HANA Synchronization or Provisioning is not available in the Job Queue, as it uses SAP HANA client assemblies.

  • Connectivity issues related to the instance unavailability or incorrect credentials being supplied while connecting to the database.

  • Provisioning issues can be related to specific known issues of the target databases. For example, in Oracle database, GLOBAL_AQ_USER_ROLE cannot be assigned to a user object type.

For more information on known issues specific to the target databases, refer the One Identity Manager Release Notes for Database Systems Integration Module.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating