Chatee ahora con Soporte

Obtener ayuda en vivo
Completar registro

Iniciar sesión

Solicitar precios

Comuníquese con Ventas

Identity Manager 9.1.3 - Configuration Guide

Navegación de contenido

About this guide One Identity Manager software architecture

Working with objects in One Identity Manager Inserting, modifying, and deleting an object in One Identity Manager

Customizing the One Identity Manager default configuration

Reloading changes dynamically Locking and unlocking individual properties for editing System configuration reports

Customizing the One Identity Manager base configuration

Overview of the database settings Changing database connection data Database configuration for a test, development, or productive environment

Changing the database staging level

Language settings for displaying and maintaining the data

Setting login languages

Default country for determining working hours and public holidays Configuration parameters for system configuration

Editing configuration parameters Creating custom configuration parameters Configuration parameter properties Configuration parameter options

One Identity Manager schema basics

Overview of the One Identity Manager schema

Displaying data models in the Designer Displaying the column dependencies based on templates

Table types and default columns in the One Identity Manager data model Notes on editing table definitions and column definitions Table definitions

Table types in One Identity Manager

Database views of the View type Database views of the proxy type Database views of the Union type Database views of the Read-only type

Table scripts Working with a globally unique identifier module Defining unique columns for tables Specifying deferred deletion for objects Editing table definitions Table definition properties Displaying the table definition Customizer

Column definitions

Templates for generating values

Editing value templates Preventing a change to a column Restricting performance of value templates Example of local value templates within an object Example of cross-object value templates

Limiting column lengths Defining decimal places for displaying values Using predefined formatting types Creating formatting scripts Column dependencies for setting values Permitted column values Specifying requirements for MVP columns Defining bitmasks Configuring columns for full-text search Scripts for conditionally displaying and editing columns Editing column definitions Column definition properties

Table relations Dynamic foreign key Supporting file groups

Editing the user interface

Object definitions for the user interface

Selection criteria for object definitions Using the captions for object definitions Creating and editing object definitions Object definition properties

User interface navigation

Navigation elements Recommendations for editing menu navigation Tips for working with the User Interface Editor Selecting the user interface navigation view for editing

Loading a complete user interface navigation Loading menu navigation using an application Direct loading of menu items Loading menu items using permissions groups Loading menu navigation using a where clause

Simulating user interface navigation during editing Copying existing user interface navigation for new permissions groups Creating a new user interface navigation Copying menu items Creating new menu items Creating new menu categories Assigning menu items to applications Assigning menu items to permissions groups General menu item properties Creating database queries for data-dependent menu items

Recursive data-dependent menu items

Display template for displaying a list Defining insert values

Using links in the navigation Using variables in the navigation

Creating and displaying variables

Forms for the user interface

Recommendations for editing forms Editing user interface forms

Tips for working with the Form Editor Disabling user interface forms Copying user interface forms Creating user interface forms Assigning user interface forms to applications Assigning user interface forms to permissions groups Assigning user interface forms to object definitions Effects of object definitions when displaying interface forms Assigning user interface forms to menu items Displaying custom columns and tables on main data forms Forms for custom extensions Hierarchical display of data on assignment forms Replacing default forms with custom forms User interface form properties Form definitions and form templates

Form templates Form definitions Configuration data for displaying many-to-many and object relations on forms

Working with overview forms

Creating overview forms Adding more form elements to overview forms Special features of editing overview forms Customizing the form elements layout Previewing an overview form during editing Disabling overview forms and form elements Deleting form elements Deleting overview forms

Statistics in One Identity Manager

Creating and editing statistic definitions

General properties statistic definitions Querying statistic measurements

Disabling statistics definition Including statistics in the user interface

Using reports in statistics Using simple reports in statistics

Diagram types for visualizing statistics Examples of statistic definitions

Extending the Launchpad

Recommendations for extending the Launchpad Actions for the Launchpad Creating new menu items and actions for the Launchpad

Task definitions for the user interface

Creating and editing task definitions Disabling task definitions Script for conditional displaying of tasks Properties of task definitions

Applications for configuring the user interface

Program properties

Icons and images for configuring the user interface Using predefined database queries

Localization in One Identity Manager

Working in different time zones Determining working hours Editing country information

Setting countries and states Specifying the standard hours for countries and states/provinces/counties Displaying public holidays for countries and states Editing countries Editing states Country properties State properties Public holiday properties

Language-dependent data representation

Basic rules for using language-dependent data Flagging columns for translation Using the text memory for translation Displaying translations in the Language Editor Showing usage of a translation Editing translations of a single table Editing all translations Changing translation keys Importing translations from the language pack

Process orchestration in One Identity Manager

Mapping processes in One Identity Manager

Editing processes with the Process Editor Defining processes

Creating and editing processes Copying processes Creating and editing process steps Copying single process steps Importing process steps within a process Searching for entries within processes Comparing processes Exporting and importing processes Process properties Process step properties Process step parameters

Editing process step parameters Properties of process step parameters Allocating parameter values

Events for processes

Creating events for processes

Permissions for triggering processes

Simulating process generation Checking the validity of a process Compiling processes Using process-specific and global variables for the process definition Thresholds for handling processes Specifying the executing server

Selecting servers with server functions Selecting servers with selection scripts

Notifications about process step handling Running processes automatically

Displaying process plan status Starting a process plan immediately Creating and editing process plans Process plan properties

Overview of process components

Displaying and editing process task exe types Changing the maximum number of instances for process tasks and process components Properties of process components, process tasks, and parameter templates

Setting up Job servers

Editing the Job server Job server properties Machine roles and server functions

Overview of server functions Overview of machine roles

Job server statistics Connection data for process generation

Entering connection data for the application server Entering Job server connection data

Installing the One Identity Manager Service with the Job Server Editor Configuring the Job server for connecting to the application server

The One Identity Manager Service functionality

Handling processes with the One Identity Manager Service Parallel processing of processes by the One Identity Manager Service Running external processes with the StdioProcessor Configuring the One Identity Manager Service

One Identity Manager Service configuration files Customizing the One Identity Manager Service configuration for a Job server

Template for the configuration file Selecting module types and editing parameters Validating the configuration file

Process collection module

MSSQLJobProvider FileJobProvider FTPJobProvider HTTPJobProvider AppServerJobProvider

Job destination module

JobServiceDestination FileJobDestination FTPJobDestination HTTPJobDestination

Configuration module Logwriter module

EventLogLogWriter FileLogWriter

Dispatcher module Connection module HTTP authentication module Module plugins

HTTPLogPlugin ScheduleCommandPlugin RequestWatchDogPlugin PerformanceCounterPlugin DebugMailPlugin ShareInfoPlugin RemoteConnectPlugin DatabaseAgentPlugin

File module with private key

Tracking changes with process monitoring

Basic rules for process monitoring Logging data changes

Labeling columns for recording changes to data

Logging process information during process handling

Editing process information for processes Editing process information for process steps Editing process information for events

Recording messages in the process history Process tracking for DBQueue Processor operations

Example of replacing the GenProcID

Archiving and deleting records

Deleting log entries in the One Identity Manager database without archiving Specifying log retention times Optimizing performance by deleting log entries

Conditional compilation using preprocessor conditions

Preprocessor-relevant configuration parameters Preprocessor conditions in objects Preprocessor conditions in VB.Net expressions Evaluation of preprocessor conditions during compilation

Scripts in One Identity Manager

Visual Basic .NET scripts usage Notes on message output Notes on using date values Tips for using Windows PowerShell scripts Using dollar ($) notation

Accessing local object columns Accessing columns of an object connected by a relation Accessing the old column value Accessing the display value of a column Accessing references in comments Accessing metavalues of the local object Accessing objects' display values

Using base objects Calling functions Pre-scripts for use in processes and process steps Using session services

Querying configuration parameters Testing for the existence of certain database entries Querying session object global variables

Using #LD-notation

Using #LD notation in process tracking Example of specifying the language or language variant

Script library Support for processing scripts in the Script Editor Creating and editing scripts in the Script Editor Copying scripts in the Script Editor Testing scripts in the Script Editor Testing script compilation in the Script Editor Overriding scripts Permissions for running scripts Editing and testing script code with the System Debugger

Loading the script library Tips for editing script code in the System Debugger Logging database queries and object actions Testing script code in the System Debugger

Testing scripts in the System Debugger Testing templates and formatting scripts in the System Debugger Testing methods in the System Debugger Testing table scripts in the System Debugger

Saving changes to the database

Extended debugging in the Object Browser

Creating local debug assemblies Debugging in the Object Browser Troubleshooting debugging in the Object Browser

One Identity Manager query language

Language elements of the One Identity Manager query language

Comments Identifier Literal values

String values Integer values Decimal values Date and time values

Parameter references Preformatted Where clauses

Formulating queries in the One Identity Manager query language

Query header Where clauses Search clauses Select clauses Order by clauses Paging clauses Display value clauses Query parameter clauses Query hints Conditions

Special conditions

Comparing columns Comparison by means of IN and NOT IN clauses Compare date differences Compare date ranges Compare fixed values Comparing parameters Using preformatted Where clauses

Reports in One Identity Manager

Working with the Report Editor

Menu items in Report Editor Views in the Report Editor Report Editor program settings Logging database queries

Creating and editing reports in the Report Editor Editing general report properties Creating and editing data sources

Data retrieval using SQL queries Data retrieval using database views Data retrieval using an object Data retrieval using single object history Data retrieval using multiple object history Data retrieval using historical assignments Data query for simulation data

Report parameters

Editing report parameters Editing general parameter settings Editing parameter value definitions Settings for calculating values

Using virtual data sources Editing the report form

Adding data fields to report forms Tips for entering dates in reports

Example of a simple report with data grouping Translating reports Embedding reports in the user interface Generating and exporting reports on a cyclical basis

Adding custom tables or columns to the One Identity Manager schema

Creating new tables Extending tables Defining columns

Creating simple columns Creating foreign key columns Creating dynamic foreign keys Creating new columns for database views with type view Advanced configuration of columns

Creating database views with read-only type

Using Common Table Expressions in read-only database views

Creating database views with Union type Creating new assignment tables Creating indexes Removing custom schema extensions

Possible error messages due to custom schema extensions

Permissions for schema extensions Change labels for the schema extensions Adding schema extensions to the database Recommendations for advanced configuration of custom schema extensions Managing custom database objects within the database

Web service integration

Binding a web service

Generic web service call Direct web service call Self-defined web service call Creating web service solutions with the Web Service Integration Wizard

Modifying a web service solution Deleting a web service solution

One Identity Manager as SCIM 2.0 service provider

Endpoints and base URL SCIM plugin features Authenticating SCIM clients Authenticating SCIM plugins in One Identity Manager Special features of generating the SCIM schema SCIM plugin requests

Processing DBQueue tasks

DBQueue Processor configuration for test, development, or productive environments Configuring notification behavior for DBQueue Processor initialization Reinitializing the DBQueue Processor Bulk processing in the DBQueue Processor Processing DBQueue Processor tasks by the Database Agent Service

Controlling processing of DBQueue Processor tasks Processing DBQueue Processor tasks How the central dispatcher communicates with individual slots

Example of communication during processing

One Identity Manager Service configuration files

Jobservice.cfg viNetworkService.exe.config

One Identity Manager as SCIM 2.0 service provider

One Identity Manager provides an interface corresponding to the System for Cross-domain Identity Management (SCIM) 2.0. The interface enables the import and export of One Identity Manager objects by a SCIM client. For example, the interface can be used to:

Import identity, department, cost center, and location data from an HR system
Import user account and group data from a cloud system
Match custom target systems that have a SCIM V2.0 client
Provision information about identities through a standardized interface for further processing in third-party systems

The SCIM 2.0 service provider for One Identity Manager is provided as a plugin for the API Server and you can select it when you install the API Server. Further configuration of the SCIM plugin itself is not necessary. You can check in the API Server administration portal if the SCIM plugin was installed and activated successfully. For more information on installing an API Server, see the One Identity Manager Installation Guide.

Detailed information about this topic

Endpoints and base URL

NOTE: The providers and endpoints supplied with the interface are fixed and cannot be configured.

The SCIM 2.0 interface can be found in the API Server installation directory under the fixed subdirectory /ApiServer/scim/v2. The base URL is formed as follows:

<http | https>://[<subdomain | server name>.]<domain name>/ApiServer/scim/v2

There are other fixed endpoints. The endpoints are called without any further URL parameters.

/ServiceProviderConfig

The endpoint provides information about the options implemented in the service provider, such as the authentication types on offer. The endpoint can be accessed without authentication.
/Schemas

The return structure of the endpoint defines all data objects and their properties supported by the provider.

/ResourceTypes

When the endpoint is called, the metadata for the data objects published through the /Schemas endpoint are returned. These are linked to an endpoint based on the base URL under which the respective provider of a specific data object type can be reached.

Related topics

SCIM plugin features

The return structure of the /ServiceproviderConfig endpoint defines, among other things, the features that are supported by the SCIM plugin.

patch: When transferring changes, only single operations on object properties are transferred, not the complete object to be changed.
filter: This supports filtering of objects immediately on request or in patch operations.

Authenticating SCIM clients

An authenticationSchemes list is included in the structure returned by the /ServiceproviderConfig endpoint. The list publishes the possible authentication and authorization methods with which the SCIM plugin can be used.

Supported are:

HTTP Basic access authentication
NTLM Authentication and Kerberos
OAuth 2.0 client authorization

Related topics

Authenticating SCIM clients

Documentos relacionados

The document was helpful.

Seleccionar calificación

I easily found the information I needed.

Seleccionar calificación

© 2024 One Identity LLC. ALL RIGHTS RESERVED. Términos de uso Privacidad Cookie Preference Center