Chat now with support
Chat mit Support

Identity Manager 9.0 LTS - Configuration Guide

About this guide One Identity Manager software architecture Customizing the One Identity Manager default configuration Customizing the One Identity Manager base configuration One Identity Manager schema basics Editing the user interface
Object definitions for the user interface User interface navigation Forms for the user interface Statistics in One Identity Manager Extending the Launchpad Task definitions for the user interface Applications for configuring the user interface Icons and images for configuring the user interface Using predefined database queries
Localization in One Identity Manager Process orchestration in One Identity Manager
Mapping processes in One Identity Manager Setting up Job servers
The One Identity Manager Service functionality Tracking changes with process monitoring Conditional compilation using preprocessor conditions Scripts in One Identity Manager
Visual Basic .NET scripts usage Notes on message output Notes on using date values Tips for using Windows PowerShell scripts Using dollar ($) notation Using base objects Calling functions Pre-scripts for use in processes and process steps Using session services Using #LD-notation Script library Support for processing scripts in the Script Editor Creating and editing scripts in the Script Editor Copying scripts in the Script Editor Testing scripts in the Script Editor Testing script compilation in the Script Editor Overriding scripts Permissions for running scripts Editing and testing script code with the System Debugger Extended debugging in the Object Browser
One Identity Manager query language Reports in One Identity Manager Adding custom tables or columns to the One Identity Manager schema Web service integration One Identity Manager as SCIM 2.0 service provider Processing DBQueue tasks One Identity Manager Service configuration files

Machine roles and server functions

A machine role describes the role a computer or server assumes in a One Identity Manager system. You can give each computer or server several roles. This means, one, or more machine roles can be assigned. You select machine roles when One Identity Manager components are installed.

Machine roles are structured hierarchically. If you select a machine role at installation, all parent machine are also assigned.

Example: Machine role structure

Server

Job server

Active Directory

If you select the Active Directory machine role during the installation, the Job server and Server machine roles are also assigned.

Some machine roles such as Web cannot be actively selected during the installation. These machine roles are automatically assigned when different web applications are installed with the Web Installer.

Machine roles for installing the One Identity Manager Service are linked with server functions. The server function defines the functionality of a server in One Identity Manager. One Identity Manager processes are handled with respect to the server function. The server functions available are predefined when a server installed, based on the selected machine role.

Example: Connection between machine roles and server functions.

The Active Directory machine role is connected to the Active Directory Connector server function. Therefore, when you set up a One Identity Manager synchronization project after the machine role is installed, the server is available as synchronization server in Active Directory.

The installation packages and files to be installed on the computer or server are specified in a machine role. The information about the machine role, the installation package and the files is saved in the file InstallState.config during installation and are thus available for automatic software update.

NOTE: If you use the Software Loader to import new files into the One Identity Manager database, you should assign the files to a machine role. This ensures that the file are distributed by automatic software update. For more information about automatic software updates, see the One Identity Manager Installation Guide.

Related topics

Overview of server functions

To display information about server functions

  • In the Designer, select the Base data > Installation > Server functions category.

The server function defines the functionality of a server in One Identity Manager. One Identity Manager processes are handled with respect to the server function.

NOTE: More server functions may be available depending on which modules are installed.
Table 92: Permitted server functions

Server function

Remark

Update server

This server automatically updates the software on all the other servers. The server requires a direct connection to the database server that One Identity Manager database is installed on. It can run SQL tasks.

The server with the One Identity Manager database installed on it is labeled with this functionality during initial installation of the schema.

SQL processing server

It can run SQL tasks. The server requires a direct connection to the database server that One Identity Manager database is installed on.

Several SQL processing servers can be set up to spread the load of SQL processes. The system distributes the generated SQL processes throughout all the Job servers with this server function.

CSV script server

This server can process CSV files using the ScriptComponent process component.

One Identity Manager Service installed

Server on which a One Identity Manager Service is installed.

SMTP host

Server from which One Identity Manager Service sends email notifications. Prerequisite for sending mails using One Identity Manager Service is SMTP host configuration.

Default report server

Server on which reports are generated.

Related topics

Overview of machine roles

To display information about machine roles

  • In the Designer, select the Base data > Installation > Machine roles category.

Installation packages to be installed on the Job server are found depending on the selected machine role.

Table 93: Machine role and installation package options
Machine role Description of the installation package

Workstation

 

Contains all basic components for installing tools on an administrative workstation.

Administration

Contains One Identity Manager administration tools required by default users to fulfill their tasks with One Identity Manager. In addition to the tools that ensure basic functionality for working with One Identity Manager, the administration machine role includes the Manager as a main administration tool.

Configuration

Contains all One Identity Manager tools for the default user and additional programs for configuring the system. These include, for example, the Configuration Wizard, Database Compiler, Database Transporter, Crypto Configuration, Designer, Web Designer, and configuration tools for the One Identity Manager Service.

Development & Testing

Contains the One Identity Manager tools for developing and testing custom scripts and forms, for example, the System Debugger.

Monitoring

Contains One Identity Manager programs for monitoring the system status, for example, the Job Queue Info program.

Documentation

 

Contains One Identity Manager documentation in different languages.

Server

 

Contains all the basic components for setting up a server.

Job server

Contains the One Identity Manager Service and basic processing components. Additional machine roles contain connectors for synchronizing individual target systems.

NOTE: The Base data > Installation > Machine roles category also displays the API and Web machine roles. These are reserved for internal user and cannot be changed or assigned.
Related topics

Job server statistics

This Job server statistical data is evaluated and creates a basis for configuration recommendations for Job server load intervals. The data for the last 100 days is included in the calculation of the configuration recommendations. You should take these configuration suggestions into account when configuring the One Identity Manager Service.

To calculate statistics

  • In the Designer, set the Common | JobQueueStats configuration parameter. If the configuration parameter is enabled, the One Identity Manager Service statistics are written to the JobQueueStats table.

  • In the Designer, set the Common | JobQueueStats | MaxAge configuration parameter and enter the retention period for the statistics in days.

For every action in the Job queue, such as inserting, changing, or deleting processes, new statistic entries are created for the Job server. The DBQueue Processor task QBMJobQueueStatsShrink compresses the statistics. The compression takes place for every hour prior to the current hour.

To display Job server statistics

  1. In the Designer, select the Base Data > Installation > Job server category.

  2. Start the Job Server Editor using the Edit Job server task.

  3. Select the Job server to be edited in the Job server overview.

  4. Use the Select columns context menu to select the columns with statistics.

    These columns are highlighted in the color in the Job server view.

    Table 94: Columns for mapping statistics
    Column Name Meaning

    AverageLoad

    Average processes/hour

    Average number of processes per hour.

    MaxLoad

    Maximum processes/hour

    Maximum number of processes per hour.

    LoadDuration

    Recommended load interval (secs)

    Configuration suggestion for the Process request interval (StartInterval) parameter in the One Identity Manager Service configuration.

    StatisticsDuration

    Recommended statistic interval (secs)

    Configuration suggestion for the Time interval for statistics parameter (StatisticInterval) parameter in the One Identity Manager Service configuration.

Related topics
Verwandte Dokumente

The document was helpful.

Bewertung auswählen

I easily found the information I needed.

Bewertung auswählen