Chat now with support
Chat mit Support

Identity Manager 8.1.5 - Configuration Guide

About this guide One Identity Manager software architecture Customizing the One Identity Manager default configuration Customizing the One Identity Manager base configuration One Identity Manager schema basics Editing the user interface
Object definitions for the user interface User interface navigation Forms for the user interface Statistics in One Identity Manager Extending the Launchpad Task definitions for the user interface Applications for configuring the user interface Icons and images for configuring the user interface Using predefined database queries
Localization in One Identity Manager Process orchestration in One Identity Manager
Setting up Job servers Configuring the One Identity Manager Service Handling processes in One Identity Manager
Tracking changes with process monitoring Conditional compilation using preprocessor conditions Scripts in One Identity Manager
Using scripts Notes on message output Notes on using date values Using dollar ($) notation Using base objects Calling functions Pre-scripts for use in processes and process steps Using session services Using #LD-notation Script library Support for processing of scripts in Script Editor Creating and editing scripts in the Script Editor Copying scripts in the Script Editor Testing scripts in the Script Editor Testing script compilation in the Script Editor Overriding scripts Permissions for executing scripts Editing and testing script code with the System Debugger Extended debugging in the Object Browser
Reports in One Identity Manager Adding custom tables or columns to the One Identity Manager schema Web service integration SOAP Web Service One Identity Manager as SPML provisioning service provider Processing DBQueue tasks One Identity Manager Service configuration files

FTPJobDestination

The FTPJobDestination handles the process steps provided in the FileJobGate (FileJobProvider or FTPJobProvider) and returns the results to the Job provider.

 

Table 89: FTPJobDestination parameters

Parameters

Description

Backup of transferred files (BackupFiles)

If this option is enabled, all files (with or without errors) are moved to a Backup subdirectory. In the default case (not set) only files with errors are saved.

Check file index (CheckInputIndex)

If this option is set, the file name index is checked to see if has increased in size. Files with the same or a lower index are not processed. This option is not set by default.

Max. number of process trees in a transfer file (MaxListCount)

Maximum number of process steps that can be grouped together as a file. This allows limiting of the file size.

Use encryption (UseEncryption)

Specifies whether the data is to be written to the files in encrypted form.

NOTE: The setting for encryption must be identically configured in the Job provider and the related Job destination.

Notification methods (EventTypes)

The Job provider supports three different methods for providing notification about new data.

  • Timer: Newly stored data is queried at defined intervals.

  • HTTP: The provider queries the parent Job server through HTTP and processes the stored data once the server replies.

  • FSEvent: Newly stored data is queried after a file system event.

The notification methods can be combined when separated by commas.

Example:

TIMER,FSEVENT

Remote host for HTTP notification (HostName)

If using the HTTP notification method, enter the name of the remote host here to which the queries are transferred.

HTTP notification port (Port)

If using the HTTP notification method, enter the port for transfer here.

Monitoring interval for input directory (TimerInterval)

If using the TIMER notification method, enter the interval in milliseconds here.

Input directory (InputDirectory)

The module reads and processes the process files (*.fjg) in this directory.

NOTE: Ensure that the Job provider and related Job destination use the same directory. Input directory and output directory are then reversed accordingly.

Output directory (OutputDirectory)

Directory to which the processed files are written.

Subdirectories (SubDirectories)

You can enter a list of directory names separated by a pipe character (|) here. All the directories are then monitored and processed correspondingly. The following directory structure is expected:

SubDirectories = "ServerA|ServerB"

...

Request

ServerA

ServerB

Response

ServerA

ServerB

where Request and Response are the directories specified in the Input directory (InputDirectory) and Output directory (OutputDirectory) parameters.

NOTE: You can only use the Timer notification method. The HTTP and FSEvent notification methods are not available.

Automatic identification of subdirectories (AutoSubDirectories)

If this option is enabled, the module automatically processes all the files in the subdirectories. Processing is not recursive.

ProviderID

if more than one Job provider is being processed by the One Identity Manager Service, enter the name of the Job provider to be used. If this is empty the first Job provider is used.

FTP Server (FTPServer)

Name or IP address of the FTP server.

FTP port (FTPPort)

Port for FTP transfer The default port is port 21.

FTP user account (FTPUser)

User account for FTP login.

FTP password (FTPPassword)

Password for the user account for FTP login.

Related topics

HTTPJobDestination

A HTTPJobDestination sends process steps to a child Job server. The data transfer is carried out by HTTP.

Table 90: HTTPJobDestination parameters

Parameters

Description

Receiver port (ChildPort)

HTTP port of the child Job server.

ProviderID

Enter the name of the Job provider that will be used if more than one Job provider is being processed. If this is empty the first Job provider is used.

Retries

Number of retries performed by the module if the data transfer fails.

RetryDelay

This defines how long the module will wait after a failed process step transfer before retrying.

Timeout format:

day.hour:minutes:seconds

Remote domain (RemoteDomain)

User account domain on the remote HTTP server.

Remote user account (RemoteUser)

User account for logging onto the HTTP server.

RemotePassword

Password for the user account for logging onto the HTTP server.

Related topics

Configuration module

The standard One Identity Manager Service configuration settings are specified in this module.

Table 91: Configuration module parameters

Parameters

Description

VerboseLogging

Set the parameter to obtain more detailed messages on starting and stopping the One Identity Manager Service.

DebugMode

In DebugMode, One Identity Manager Service writes additional information to the log file. For example, all the parameters and results that are passed to a component are written to the log file.

NOTE: This parameter is used for localizing errors. It is not recommended to set this parameter in normal working conditions on performance grounds.

ComponentDebugMode

When set, individual One Identity Manager Service process components write additional process information to a log file.

NOTE: This parameter is used for localizing errors. It is not recommended to set this parameter in normal working conditions on performance grounds.

HTTPAddress

If One Identity Manager Service is running on a computer with several network cards, you can use this parameter to define which service should work over which IP address. If no IP address is entered, then all of them are used.

HTTPPort

Every One Identity Manager Service automatically works as an HTTP server. This parameter specifies the port that One Identity Manager Service works with. The default value is port 1880.

The HTTP server is addressed by:

Logging of job provider and executing instance (LogDestinationAndProviderId)

Specifies whether the job provider ID and executing instance are output in the log messages of the process step.

Language

Language used for error messages and outputs from the One Identity Manager Service. Permitted values are German and English. The default value is English.

UseSSL

Specifies whether the HTTP server is to provide secure connections. If this option is enabled, you can access the server from your browser using HTTPS.

The One Identity Manager Service uses System.Net.HttpListener for the web interface. For detailed information on how to configure certificates, see How to: Configure a port with an SSL certificate.

DoNotProtectCryptedValues

Nomally, encrypted values from the Jobservice.cfg are additionally protected by the data protection API. This prevents use by other accounts or servers. This option switches of additional protection to use it on other cluster nodes, for example.

NOTE: If you set this option, it causes problems if the database being synchronized against the One Identity Manager Service database is not encrypted. Therefore, ensure that database encryption is enabled.

WaitTimeOnFailedStart

The time to wait after a failed start before a retry is carried out. The default value is 90 seconds.

Timeout format:

hours:minutes:seconds

RetriesOnFailedStart

Number of retries for the One Identity Manager Service to start up. The default value is 5 retries.

DoNotProtectPrivateKeys

If the One Identity Manager Service finds a private key in the installation directory on startup, it places the key in the Windows internal key container of its service account and deletes the file from the hard drive. If this option is enabled, the key files are not moved to the key container.

Logwriter module

This module writes the One Identity Manager Service messages. The following module types may be selected:

Verwandte Dokumente

The document was helpful.

Bewertung auswählen

I easily found the information I needed.

Bewertung auswählen