A machine role describes the role a computer or server assumes in a One Identity Manager system. You can give each computer or server several roles. This means, one, or more machine roles can be assigned. You select machine roles when One Identity Manager components are installed.
Machine roles are structured hierarchically. If you select a machine role at installation, all parent machine are also assigned.
Example: Machine role structure
Server
If you select the Active Directory machine role during the installation, the Job server and Server machine roles are also assigned.
Some machine roles such as Web cannot be actively selected during the installation. These machine roles are automatically assigned when different web applications are installed with the Web Installer.
Machine roles for installing the One Identity Manager Service are linked with server functions. The server function defines the functionality of a server in One Identity Manager. One Identity Manager processes are handled with respect to the server function. The server functions available are predefined when a server installed, based on the selected machine role.
Example: Connection between machine roles and server functions.
The Active Directory machine role is connected to the Active Directory Connector server function. Therefore, when you set up a One Identity Manager synchronization project after the machine role is installed, the server is available as synchronization server in Active Directory.
The installation packages and files to be installed on the computer or server are specified in a machine role. The information about the machine role, the installation package and the files is saved in the file InstallState.config during installation and are thus available for automatic software update.
NOTE: If you use the Software Loader to import new files into the One Identity Manager database, you should assign the files to a machine role. This ensures that the file are distributed by automatic software update. For more information about automatic software updates, see the One Identity Manager Installation Guide.
Related topics
To display information about server functions
The server function defines the functionality of a server in One Identity Manager. One Identity Manager processes are handled with respect to the server function.
NOTE: More server functions may be available depending on which modules are installed.
Table 92: Permitted server functions
Update server |
This server automatically updates the software on all the other servers. The server requires a direct connection to the database server that One Identity Manager database is installed on. It can run SQL tasks.
The server with the One Identity Manager database installed on it is labeled with this functionality during initial installation of the schema. |
SQL processing server |
It can run SQL tasks. The server requires a direct connection to the database server that One Identity Manager database is installed on.
Several SQL processing servers can be set up to spread the load of SQL processes. The system distributes the generated SQL processes throughout all the Job servers with this server function. |
CSV script server |
This server can process CSV files using the ScriptComponent process component. |
One Identity Manager Service installed |
Server on which a One Identity Manager Service is installed. |
SMTP host |
Server from which One Identity Manager Service sends email notifications. Prerequisite for sending mails using One Identity Manager Service is SMTP host configuration. |
Default report server |
Server on which reports are generated. |
Related topics
To display information about machine roles
Installation packages to be installed on the Job server are found depending on the selected machine role.
Table 93: Machine role and installation package options
Database Agent |
Contains the DatabaseAgentServiceCmd.exe program for running the Database Agent Service from the command line. |
Documentation |
Contains One Identity Manager documentation in different languages. |
SCIM Provider |
Contains the SCIM Plugin for the API Server |
Server |
Contains all the basic components for setting up a server. |
Server | Job Server |
Contains the One Identity Manager Service and basic processing components. Additional machine roles contain connectors for synchronizing individual target systems. |
Server | Job Server | Configuration tool |
Contain configuration tool for the One Identity Manager Service. |
Server | Web |
Contains all the basic components for setting up a web server. |
Server | Web | Application Server |
Contains the components for setting up an application server. The machine roles Search Service and Search Indexing Service are required for indexing the full text search. These machine roles are always used together. |
Server | Web | Business API Server |
Contains the components for setting up an API Server. |
Server | Web | Manager Web Application |
Contains the tools for installing and configuring the Manager on a web server. |
Server | Web| End User Web Application |
Contains the tools for installing and configuring the Web Portal on a web server. |
Workstation |
Contains all basic components for installing tools on an administrative workstation. |
Workstation | Administration |
Contains administration tools required by default users for fulfilling their tasks with One Identity Manager. In addition to the tools that ensure basic functionality for working with One Identity Manager, the administration machine role includes the Manager as a main administration tool. |
Workstation | Command line administration tools |
Contains various command line programs. |
Workstation | Configuration |
Contains all tools for the default user and additional programs required to configure the system. For example, these include the Configuration Wizard, Database Compiler, Database Transporter, Crypto Configuration, Designer, Web Designer, and configuration tools for the One Identity Manager Service. |
Workstation | Development and Testing |
Contains the tools to develop and test custom scripts, such as the System Debugger. |
Workstation | Monitoring |
Contains programs for monitoring the system status, for example the program. |
Related topics
This Job server statistical data is evaluated and creates a basis for configuration recommendations for Job server load intervals. The data for the last 100 days is included in the calculation of the configuration recommendations. You should take these configuration suggestions into account when configuring the One Identity Manager Service.
To calculate statistics
-
In the Designer, set the Common | JobQueueStats configuration parameter. If the configuration parameter is enabled, the One Identity Manager Service statistics are written to the JobQueueStats table.
-
In the Designer, set the Common | JobQueueStats | MaxAge configuration parameter and enter the retention period for the statistics in days.
For every action in the Job queue, such as inserting, changing, or deleting processes, new statistic entries are created for the Job server. The DBQueue Processor task QBMJobQueueStatsShrink compresses the statistics. The compression takes place for every hour prior to the current hour.
To display Job server statistics
-
In the Designer, select the Base Data > Installation > Job server category.
-
Start the Job Server Editor using the Edit Job server task.
-
Select the Job server to be edited in the Job server overview.
-
Use the Select columns context menu to select the columns with statistics.
These columns are highlighted in the color in the Job server view.
Table 94: Columns for mapping statistics
AverageLoad |
Average processes/hour |
Average number of processes per hour. |
MaxLoad |
Maximum processes/hour |
Maximum number of processes per hour. |
LoadDuration |
Recommended load interval (secs) |
Configuration suggestion for the Process request interval (StartInterval) parameter in the One Identity Manager Service configuration. |
StatisticsDuration |
Recommended statistic interval (secs) |
Configuration suggestion for the Time interval for statistics parameter (StatisticInterval) parameter in the One Identity Manager Service configuration. |
Related topics