Chat now with support
Chat mit Support

Identity Manager 8.1 - Native Database Connector User Guide for Connecting DB2 (LUW) Databases

Starting Synchronization

Synchronization is started using scheduled process plans. A scheduled process plan is added once a start up configuration is assigned to a schedule. Use schedules to define executing times for synchronization.

NOTE: Synchronization can only be started if the synchronization project is enabled.

To execute synchronization regularly, configure and activate the a schedule. You can also start synchronization manually if there is no active schedule.

IMPORTANT: As long as synchronization is running, you must not start another synchronization for the same target system. This applies especially, if the same synchronization objects would be processed.

  • If another synchronization is started with the same start up configuration, this process is stop and is assigned the Frozen execution status. An error message is written to the One Identity Manager Service log file.

  • If another synchronization is started with another start up configuration, that addresses same target system, it may lead to synchronization error or loss of data. Specify One Identity Manager behavior in this case, in the start up configuration. Group start up configurations with the same start up behavior.

Analyzing Synchronization

Synchronization results are summarized in the synchronization log. You can specify the extent of the synchronization log for each system connection individually. One Identity Manager provides several reports in which the synchronization results are organized under different criteria.

To display a synchronization log

  1. Open the synchronization project in the Synchronization Editor.

  2. Select Logs.

  3. Click in the navigation view toolbar.

    Logs for all completed synchronization runs are displayed in the navigation view.

  4. Select a log by double-clicking on it.

    An analysis of the synchronization is shown as a report. You can save the report.

Synchronization logs are stored for a fixed length of time.

To modify the retention period for synchronization logs

  • In Designer, enable the DPR | Journal | LifeTime configuration parameter and enter the maximum retention period.

Post-Processing Outstanding Objects

Objects, which do not exist in the target system, can be marked as outstanding in One Identity Manager by synchronizing. This prevents objects being deleted because of an incorrect data situation or an incorrect synchronization configuration.

Outstanding objects

  • Cannot be edited in One Identity Manager.

  • Are ignored by subsequent synchronization.

  • Are ignored by inheritance calculations.

This means, all memberships and assignments remain intact until the outstanding objects have been processed.

Start target system synchronization to do this.

To allow post-processing of outstanding objects

Related Topics

Configuring Target System Synchronization

Create a target system for post-processing outstanding objects. Assign tables you want to be populated by synchronization, to this target system type. Specify the tables for which outstanding objects can be published in the target system during post-processing. Define a process for publishing the objects.

To create a target system type

  1. In the Manager, select the category Data Synchronization | Basic configuration data | Target system types.

  2. Click in the result list toolbar.

  3. Edit the target system type master data.

  4. Save the changes.

Enter the following data for a target system type.

Table 18: Master Data for a Target System Type

Property

Description

Target system type

Target system type description.

Description

Spare text box for additional explanation.

Display name

Name of the target system type as displayed in One Identity Manager tools.

Cross-boundary inheritance

Specifies whether user accounts can be assigned to groups if they belong to different custom target systems.

NOTE: If this option is not set, the target system type is used to group the target systems.

Show in compliance rule wizard

Specifies whether the target system type for compliance rule wizard can be selected when rule conditions are being set up.

Text snippet

Text snippets used for linking text in the compliance rule wizard.

To add tables to the target system synchronization

  1. In the result list, select the target system type.

  2. Select Assign synchronization tables.

  3. Assign tables whose outstanding objects you want to handle in Add assignments.

  4. Save the changes.
  5. Select Configure tables for publishing.

  6. Select tables whose outstanding objects can be published in the target system and set Publishable.

  7. Save the changes.

NOTE: The connector must have write access to the target system in order to publish outstanding objects that are being post-processed. That means, the option Connection is read only must no be set for the target system connection.

To publish outstanding objects

  • For each table for which you want to publish outstanding objects, create a process, which is triggered by the event HandleOutstanding and which executes the provisioning of the objects. Use the AdHocProjection process function of the ProjectorComponent process component. For more detailed information about defining processes, see One Identity Manager Configuration Guide.

Verwandte Dokumente