Tchater maintenant avec le support
Tchattez avec un ingénieur du support

Identity Manager 9.1.1 - Operational Guide

About this guide Simulating data changes in the Manager Scheduling operations activation times Re-applying templates Exporting data with the Manager Analyzing data and data changes Analyzing process monitoring in the Manager Schedules in One Identity Manager Mail templates in One Identity Manager Password policies in One Identity Manager Working with change labels Checking data consistency Compiling a One Identity Manager database Transporting custom changes Importing data with the Data Import Importing and exporting individual files for the software update Creating a One Identity Manager database for test or development from a database backup Initializing DBQueue Processor the after extending the server hardware Command line programs

Starting and ending simulation

WARNING: You should only use the simulation mode in exceptional circumstances. During a simulation, the objects you are editing are locked for other users. Work on individual administration tools may be restricted. Under certain circumstances, the One Identity Manager Service stops running further processes during the simulation phase. Depending on the scope of the changes, the entire One Identity Manager environment can come to a standstill.

NOTE:

  • The active simulation mode is displayed in Manager by the symbol in the status bar and a red status bar displayed.

  • To prevent an excessively long blockade of the overall system, simulation mode ends after 5 minutes if no data change is saved.

To run a simulation:

  1. In the Manager, select Database > Start simulation.

  2. Confirm the security prompt with OK.

    The program switches into simulation mode.

  3. Make your desired changes.

  4. To stop the simulation, click Database > Stop simulation in the Manager menu.

    The program switches to standard working mode and shows the simulation log.

    NOTE: After stopping the simulation, you can save the changes. In the Manager, select the Object > Save or Object > Specify activation time menu item.

Related topics

Evaluating the simulation data

When the simulation ends, the recorded modifications are loaded and displayed in the Manager as a protocol.

Table 1: Logging simulation data
View Description Displayed information

Overview

This gives you an overview of which actions the applied changes will trigger.

You can export the simulation data and display the report.

Number of applied changes for each action.

DBQueue

The DBQueue log shows the following information. You can show the additional information from the context menu.

Operation

Calculation tasks to be run.

Sort order

Sort order to process the calculation task.

Process ID

Unique process ID.

Object

Unique object ID.

Child object

Unique ID of the child object.

Generated process

Shows processes and process steps generated during simulation due to the changes. The individual properties of the processes and process steps are also displayed with their actual values.

Process

Name of the generated process.

Process steps

Name of the generated process step.

Property

Processes property or process step property.

Value

Property value.

Trigger changes

Shows all changes made to objects that have been triggered during the simulation.

Table

Display text of the table to which the record belongs. This is used to group the objects.

Object

Object affected by the change.

Column

Column that was changed.

Old value

Column value before the change.

New value

Column value after the change.

Changed objects

Shows objects and their properties if they were affected by the changes made during simulation.

Table

Display text of the table to which the record belongs. This is used to group the objects.

Object

Object affected by the change.

Column

Column that was changed.

Old value

Column value before the change.

New value

Column value after the change.

Rule evaluation

During the simulation, the system recalculates all the rules that are affected by the changes. New rule violations and rule violations that no longer apply as a result of the recalculation are displayed.

Employee

Employee who violated the rule again or is no longer violating the rule for the first time.

Rule violation

Type of change (rule no longer violated or new rule violation) and the affected rule.

Description

Description of the rule violation.

Related topics

Exporting simulation data

You can export the simulation log as a report in PDF format.

To export and display the simulation data as a report:

  1. In the simulation log, select the Overview view.

  2. Click the button next to the list of actions.

  3. Use the file browser to select the directory path for the report and enter a file name for the report.

  4. To generate the .PDF file, click Save.

  5. Click Yes to show the report now.

Related topics

Scheduling operations activation times

In addition, in the Manager, you can create, change, or delete an object at a specified point in time. The DBQueue Processor checks whether scheduled operations exist. When the scheduled time is reached, the operation is run by the One Identity Manager Service.

NOTE: As a rule, deferred deletion of user accounts by processes is defined in the table definitions as 30 days. After the deferred deletion limit has expired, the user accounts are deleted from the database

To run operations at a specified point in time

  • In the Designer, check if the Common | DeferredOperation configuration parameter is set. Check the value of the configuration parameter and adjust it if necessary. Permitted values are:

    • 1 (default): In the Manager, you can schedule the activation time for creating, changing, or deleting an object.

    • 0: Deferred deleted operation are carried out, such as, deferred deletion of user accounts. It is not possible to schedule the activation time in the Manager.

    You must recompile the database if you enable or disable the configuration parameter.

    If you disable the configuration parameter at a later date, model components and scripts that are not longer required, are disabled. SQL procedures and triggers are still carried out. For more information about the behavior of preprocessor relevant configuration parameters and conditional compiling, see the One Identity Manager Configuration Guide.

  • In the Designer, check the Common | DeferredOperation | AllowUpdateInInsertMode configuration parameter and adapt it to the required behavior.

    • If this configuration parameter is disabled, an error occurs during processing if you try to insert an object that already exists in the database.

    • If this configuration parameter is enabled, when you insert an object that already exists in the database, the object is updated.

  • In the Designer, check the Common | DeferredOperation | IgnoreMissingOnDelete configuration parameter and adapt it to the required behavior.

    • If this configuration parameter is disabled, an error occurs during processing if you try to delete an object that no longer exists in the database.

    • If this configuration parameter is enabled, missing objects are ignored during deletion.

Detailed information about this topic
Documents connexes

The document was helpful.

Sélectionner une évaluation

I easily found the information I needed.

Sélectionner une évaluation