Chat now with support
Chat mit Support

Identity Manager 9.2.1 - Configuration Guide

About this guide One Identity Manager software architecture Customizing the One Identity Manager default configuration Customizing the One Identity Manager base configuration One Identity Manager schema basics
Overview of the One Identity Manager schema Table types and default columns in the One Identity Manager data model Notes on editing table definitions and column definitions Table definitions Column definitions Table relations Dynamic foreign key Supporting file groups
Editing the user interface
Object definitions for the user interface User interface navigation Forms for the user interface Statistics in One Identity Manager Extending the Launchpad Task definitions for the user interface Applications for configuring the user interface Icons and images for configuring the user interface Using predefined database queries
Localization in One Identity Manager Process orchestration in One Identity Manager
Mapping processes in One Identity Manager Setting up Job servers
The One Identity Manager Service functionality Tracking changes with process monitoring Conditional compilation using preprocessor conditions Scripts in One Identity Manager
Visual Basic .NET scripts usage Notes on message output Notes on using date values Tips for using PowerShell scripts Using dollar ($) notation Using base objects Calling functions Pre-scripts for use in processes and process steps Using session services Using #LD notation Script library Support for processing scripts in the Script Editor Creating and editing scripts in the Script Editor Copying scripts in the Script Editor Testing scripts in the Script Editor Testing script compilation in the Script Editor Overriding scripts Permissions for running scripts Editing and testing script code with the System Debugger Extended debugging in the Object Browser
One Identity Manager query language Reports in One Identity Manager Adding custom tables or columns to the One Identity Manager schema Web service integration One Identity Manager as SCIM 2.0 service provider Processing DBQueue tasks One Identity Manager Service configuration files

Logwriter module

This module writes the One Identity Manager Service messages. The following module types may be selected:

EventLogLogWriter

The EventLogLogWriter writes messages from the One Identity Manager Service to an event log. To view the event log, you can use the results display in the Microsoft Management Console, for example.

Table 112: EventLogLogWriter parameters

Parameters

Description

EventLog

Name of the event log to which the messages are written. The messages are written to the application log with Application as the default value.

NOTE: If more than one One Identity Manager Service write event logs on a server, make sure that the first eight letters in the log name are unique on the server.

LogSeverity

Severity levels of the logged messages.

Permitted values are:

  • Info: All messages are written to the event log. The event log quickly becomes large and confusing.

  • Warning: Only warnings and exception errors are written to the event log (default).

  • Serious: Only exception messages are written to the event log.

EventID

The ID of the messages written to the event log.

Category

The category of the messages written to the event log.

Source

The name of the source of the messages written to the event log.

By default, the One Identity Manager Service only logs messages in the event log Application.

To use an event log with a different name

  1. On the Job server, manually add the file for theOne Identity Manager Service to write to. You can use PowerShell, for example, to do this.

    1. Run PowerShell as administrator on the Job server.

    2. Run the following CmdLet:

      New-EventLog -Source "Foobar" -LogName "<file name>"

  2. Enter this file name in the One Identity Manager Service configuration file, in the module EventLogWriter as the name for the event log.

  3. Restart the computer.

  4. Restart the One Identity Manager Service.

Related topics

FileLogWriter

The FileLogWriter writes messages from One Identity Manager Service to a log file. The log file can be displayed in a browser.

You call up the log file with the appropriate URL.

http://<server name>:<port number>

The default value is port 1880.

Table 113: FileLogWriter parameters

Parameters

Description

Log file (OutputFile)

Name of the log file, including the directory name. Log information for the One Identity Manager Service is written to this file.

IMPORTANT: The directory specified for the file must exist. If the file cannot be created, no error output is possible. Error messages then appear under Windows operating systems in the event log or under Linux operating systems in /var/log/messages.

Log rename interval (LogLifeTime)

In order to avoid unnecessarily large log files, the module supports the functionality of exchanging the log file with a history list. The LogLifeTime specifies the maximum life of a log file before it is renamed as backup. If the log file has reached its maximum age, the file is renamed (for example, as JobService.log_20040819-083554) and a new log file is started.

Timeout format:

day.hour:minutes:seconds

Process step log lifetime (JobLogLifeTime)

Retention time for process step logs. After this expires, the logs are deleted.

Timeout format:

day.hour:minutes:seconds

For test purposes, you can enable logging of individual process steps in the Job Queue Info. The processing messages of the process step is written to a separate log with the Debug NLog severity. The files are stored in the log directory.

Repository structure:

<Log directory>\JobLogs\<First 4 digits of the UID_Job>\Job_<UID_Job>_<yyyymmdd>_<Timestamp>.log

Number of history logs (HistorySize)

Maximum number of log files. If several log files exist, the oldest backup file is deleted when a new log file is created so that the limit is not exceeded.

Max. log file size (MB) (MaxLogSize)

Maximum size in MB of the log file. Once the log file has reached the limit, it is renamed as a backup file and a new log file is created.

Max. length of parameters (ParamMaxLength)

Maximum number of characters allowed in a process step parameter so that they are written to the log file.

LogSeverity

Severity levels of the logged messages.

Permitted values are:

  • Info: All messages are written to the event log. The event log quickly becomes large and confusing.

  • Warning: Only warnings and exception errors are written to the event log (default).

  • Serious: Only exception messages are written to the event log.

Add server name (AddServerName)

Specifies whether the server name is to be added to the log entries.

Dispatcher module

In a hierarchical server structure a server can be used as a proxy server for other servers. The proxy server makes requests at set time intervals for process steps to be processed on a server and sends them to the next server. If the request load needs to be minimized, a proxy server is recommended.

Table 114: Dispatcher module parameters

Parameters

Description

Acts as proxy for other servers (IsProxy)

Specifies whether the server is to act as a proxy server. Set this option if the server should be a proxy server.

ProxyInterval

Time interval in seconds, after which the proxy server acting as deputy for another server, should renew a request to the database.

The following guidelines can be used as orientation for the configuration of One Identity Manager Service polling intervals in a cascading environment:

Table 115: Polling interval guidelines for One Identity Manager Service
Parameters Root Server (direct connection to database) Leaf server (connected by HTTP or file)

JobServiceDestination.StartInterval

90 seconds

600 seconds

JobServiceDestination.Statisticinterval

360 seconds

600 seconds

Dispatcher.ProxyInterval

180 seconds

Dispatcher.IsProxy

True

False

The proxy mode of a root server ensures that, acting on behalf of the leaf server, process steps are queried in shorter proxy intervals. When the root server is restarted, it may take a while until all leaf servers have sent their first request (in this case a maximum of 600 seconds). However, the system then swings into action.

Figure 28: Dispatcher configuration example

Verwandte Dokumente

The document was helpful.

Bewertung auswählen

I easily found the information I needed.

Bewertung auswählen