Tchater maintenant avec le support
Tchattez avec un ingénieur du support

Identity Manager 8.1.4 - Configuration Guide

About this guide One Identity Manager software architecture Customizing the One Identity Manager default configuration Customizing the One Identity Manager base configuration One Identity Manager schema basics Editing the user interface
Object definitions for the user interface User interface navigation Forms for the user interface Statistics in One Identity Manager Extending the Launchpad Task definitions for the user interface Applications for configuring the user interface Icons and images for configuring the user interface Using predefined database queries
Localization in One Identity Manager Process orchestration in One Identity Manager
Setting up Job servers Configuring the One Identity Manager Service Handling processes in One Identity Manager
Tracking changes with process monitoring Conditional compilation using preprocessor conditions Scripts in One Identity Manager
Using scripts Notes on message output Notes on using date values Using dollar ($) notation Using base objects Calling functions Pre-scripts for use in processes and process steps Using session services Using #LD-notation Script library Support for processing of scripts in Script Editor Creating and editing scripts in the Script Editor Copying scripts in the Script Editor Testing scripts in the Script Editor Testing script compilation in the Script Editor Overriding scripts Permissions for executing scripts Editing and testing script code with the System Debugger Extended debugging in the Object Browser
Reports in One Identity Manager Adding custom tables or columns to the One Identity Manager schema Web service integration SOAP Web Service One Identity Manager as SPML provisioning service provider Processing DBQueue tasks One Identity Manager Service configuration files

Job server properties

NOTE: More properties may be available depending on which modules are installed.
Table 70: Job server properties

Property

Meaning

Server Job server name.
Full server name Full server name in accordance with DNS syntax.

Example:

<Name of server>.<Fully qualified domain name>

Server is cluster Specifies whether the server maps a cluster.
Server belongs to cluster

Cluster to which the server belongs.

NOTE: The Server is cluster and Server belongs to cluster properties are mutually exclusive.
IP address (IPv6) Internet protocol version 6 (IPv6) server address.
IP address (IPv4) Internet protocol version 4 (IPv4) server address.
Coding Character set coding that is used to write files to the server.
Parent Job server Name of the parent Job server.
Executing server Name of the executing server. The name of the server that exists physically and where the processes are handled.

This input is evaluated when the One Identity Manager Service is automatically updated. If the server is handling several queues, the process steps are not supplied until all the queues that are being processed on the same server have completed their automatic update.

Queue Name of the queue to handle the process steps. Each One Identity Manager Service within the network must have a unique queue identifier. The process steps are requested by the Job queue using this exact queue name. The queue identifier is entered in the One Identity Manager Service configuration file.
Server operating system Operating system of the server. This input is required to resolve the path name for replicating software profiles. The values Win32, Windows, Linux, and Unix are permitted. If no value is specified, Win32 is used.
Service account data One Identity Manager Service user account information. In order to replicate between non-trusted systems (non-trusted domains, Linux server), the One Identity Manager Service user information has to be declared for the servers in the database. This means that the service account, the service account domain, and the service account password have to be entered for the server.
One Identity Manager Service installed Specifies whether a One Identity Manager Service is installed on this server. This option is enabled by the QBM_PJobQueueLoad procedure the moment the queue is called for the first time.

The option is not automatically removed. If necessary, you can reset this option manually for servers whose queue is no longer enabled.

Stop One Identity Manager Service Specifies whether the One Identity Manager Service has stopped. If this option is set for the Job server, the One Identity Manager Service does not process any more tasks.

You can make the service start and stop with the appropriate administrative permissions in the Job Queue Info program. For more detailed information, see the One Identity Manager Process Monitoring and Troubleshooting Guide.

No automatic software update

Specifies whether to exclude the server from automatic software updating.

NOTE: Servers must be manually updated if this option is set.
Software update running Specifies whether a software update is currently running.

No direct database connection

Specifies whether the Job server has a direct connection to the database. Enable this option if the Job server receives its processes through an application server.

Connection data

If the Job server has no direct connection to the database, enter the connection data for the application service.

You can enter the connection data in the Designer, in the Base data | Security settings | Connection data category.

Extended properties Additional information about Job servers. The UID of the Job server and the details of creation and change (user, date) are displayed. These cannot be edited.

Last fetch time

Last time the process was collected.

Last timeout check

The time of the last check for loaded process steps with a dispatch value that exceeds the one in the Common | Jobservice | LoadedJobsTimeOut configuration parameter.

Server function Server functionality in One Identity Manager. One Identity Manager processes are handled with respect to the server function.
Machine role Role of the Job server in One Identity Manager. Installation packages to be installed on the Job server are found depending on the selected machine role.
Related topics

Machine roles and server functions

A machine role describes the role a computer or server assumes in a One Identity Manager system. You can give each computer or server several roles. This means, one, or more machine roles can be assigned. You select machine roles when One Identity Manager components are installed.

Machine roles are structured hierarchically. If you select a machine role at installation, all parent machine are also assigned.

An example of machine role structure

Server

Job server

Active Directory

If you select the Active Directory machine role during the installation, the Job server and Server machine roles are also assigned.

Some machine roles such as Web cannot be actively selected during the installation. These machine roles are automatically assigned when different web applications are installed with the Web Installer.

Machine roles for installing the One Identity Manager Service are linked with server functions. The server function defines the functionality of a server in One Identity Manager. One Identity Manager processes are handled with respect to the server function. The server functions available are predefined when a server installed, based on the selected machine role.

Example for the connection between machine roles and server functions.

The Active Directory machine role is connected to the Active Directory Connector server function. Therefore, when you set up a One Identity Manager synchronization project after the machine role is installed, the server is available as synchronization server in Active Directory.

The installation packages and files to be installed on the computer or server are specified in a machine role. The information about the machine role, the installation package and the files is saved in the file InstallState.config during installation and are thus available for automatic software update.

NOTE: If you use the Software Loader to import new files into the One Identity Manager database, you should assign the files to a machine role. This ensures that the file are distributed by automatic software update. For detailed information about automatic software updates, see the One Identity Manager Installation Guide.

Related topics

Overview of server functions

To display information about server functions

  • In the Designer, select the Base data | Installation | Server functions category.

The server function defines the functionality of a server in One Identity Manager. One Identity Manager processes are handled with respect to the server function.

NOTE: More server functions may be available depending on which modules are installed.
Table 71: Permitted server functions

Server function

Remark

Update server

This server automatically updates the software on all the other servers. The server requires a direct connection to the database server that One Identity Manager database is installed on. It can run SQL tasks.

The server with the One Identity Manager database installed on it is labeled with this functionality during initial installation of the schema.

SQL processing server

It can run SQL tasks. The server requires a direct connection to the database server that One Identity Manager database is installed on.

Several SQL processing servers can be set up to spread the load of SQL processes. The system distributes the generated SQL processes throughout all the Job servers with this server function.

CSV script server

This server can process CSV files using the ScriptComponent process component.

One Identity Manager Service installed

Server on which a One Identity Manager Service is installed.

SMTP host

Server from which One Identity Manager Service sends email notifications. Prerequisite for sending mails using One Identity Manager Service is SMTP host configuration.

Default report server

Server on which reports are generated.

Related topics

Overview of machine roles

To display information about machine roles

  • In the Designer, select the Base data | Installation | Machine roles category.

Installation packages to be installed on the Job server are found depending on the selected machine role.

Table 72: Machine role and installation package options
Machine role Description of the installation package
Workstation  

Contains all basic components for installing tools on an administrative workstation.

Administration

Contains One Identity Manager administration tools required by default users to fulfill their tasks with One Identity Manager. In addition to the tools that ensure basic functionality for working with One Identity Manager, the administration machine role includes the Manager as a main administration tool.

Configuration

Contains all One Identity Manager tools for the default user and additional programs for configuring the system. These include, for example, the Configuration Wizard, Database Compiler, Database Transporter, Crypto Configuration, Designer, Web Designer, and configuration tools for the One Identity Manager Service.

Development & Testing

Contains the One Identity Manager tools for developing and testing custom scripts and forms, for example, the System Debugger.

Monitoring

Contains One Identity Manager programs for monitoring the system status, for example, the Job Queue Info program.

Documentation

 

Contains One Identity Manager documentation in different languages.
Server  

Contains all the basic components for setting up a server.

Job server

Contains the One Identity Manager Service and basic processing components. Additional machine roles contain connectors for synchronizing individual target systems.

NOTE: The Base data | Installation | Machine roles category also displays the API and Web machine roles. These are reserved for internal user and cannot be changed or assigned.
Related topics
Documents connexes

The document was helpful.

Sélectionner une évaluation

I easily found the information I needed.

Sélectionner une évaluation