Tchater maintenant avec le support
Tchattez avec un ingénieur du support

Identity Manager 9.1 - One Identity Manager Connector User Guide

Configuring target system synchronization

Create a target system for post-processing outstanding objects. Assign tables you want to be populated by synchronization, to this target system type. Specify the tables for which outstanding objects can be published in the target system during post-processing. Define a process for publishing the objects.

To create a target system type

  1. In the Manager, select the Data Synchronization > Basic configuration data > Target system types category.

  2. Click in the result list.

  3. Edit the target system type main data.

  4. Save the changes.

Enter the following data for a target system type.

Table 8: main data for a target system type

Property

Description

Target system type

Target system type description.

Description

Text field for additional explanation.

Display name

Name of the target system type as displayed in One Identity Manager tools.

Cross-boundary inheritance

Specifies how user accounts are assigned to or inherit groups and system entitlements if they belong to different custom target systems.

  • If the option is set, groups and system entitlements can be assigned to user accounts that belong to the same target system or to different target systems. The target systems must have the same target system type.

    For all target systems of a target system type, the settings for the User Account Contains Memberships column(UNSRootB.UserContainsGroupList) must be identical.

  • If the option is not set, groups and system entitlements can only be assigned to the same target system.

NOTE: If the option is not set, the target system type is used to simplify grouping of the target systems.

Show in compliance rule wizard

Specifies whether the target system type for compliance rule wizard can be selected when rule conditions are being set up.

Text snippet

Text snippets used for linking text in the compliance rule wizard.

Alternative connectors

List of connector that can process this type of target system.

To add tables to target system synchronization

  1. In the Manager, select the Data Synchronization > Basic configuration data > Target system types category.

  2. In the result list, select the target system type.

  3. Select the Assign synchronization tables task.

  4. In the pane, assign custom tables to the outstanding objects you want to handle.

  5. Save the changes.
  6. Select the Configure tables for publishing task.

  7. Select the tables that contain the outstanding objects that can be published in the target system and set the Publishable option.

  8. Save the changes.

NOTE: The connector must have write access to the target system in order to publish outstanding objects that are being post-processed. That means, the Connection is read-only option must not be set for the target system connection.

To publish outstanding objects

  • For each table for which you want to publish outstanding objects, create a process, which is triggered by the event HandleOutstanding and which runs the provisioning of the objects. Use the AdHocProjection process task of the ProjectorComponent process component.

    For more information about defining processes, see the One Identity Manager Configuration Guide.

Post-processing outstanding objects

To post-process outstanding objects

  1. In the Manager, select the Data synchronization > Target system synchronization: <target system type> category.

    All tables assigned to the target system type are displayed in the navigation view.

  2. Select the table whose outstanding objects you want to edit in the navigation view.

    All objects marked as outstanding are shown on the form.

    TIP:

    To display object properties of an outstanding object

    1. Select the object on the target system synchronization form.

    2. Open the context menu and click Show object.

  1. Select the objects you want to rework. Multi-select is possible.

  2. Click on one of the following icons in the form toolbar to run the respective method.

    Table 9: Methods for handling outstanding objects

    Icon

    Method

    Description

    Delete

    The object is immediately deleted from the One Identity Manager database. Deferred deletion is not taken into account.

    Indirect memberships cannot be deleted.

    Publish

    The object is added to the target system. The Outstanding label is removed from the object.

    This runs a target system specific process that triggers the provisioning process for the object.

    Prerequisites:

    • The table containing the object can be published.

    • The target system connector has write access to the target system.

    Reset

    The Outstanding label is removed for the object.

  3. Confirm the security prompt with Yes.

NOTE: By default, the selected objects are processed in parallel, which speeds up the selected method. If an error occurs during processing, the action is stopped and all changes are discarded.

Bulk processing of objects must be disabled if errors are to be localized, which means the objects are processed sequentially. Failed objects are named in the error message. All changes that were made up until the error occurred are saved.

To disable bulk processing

  • Disable the icon in the form's toolbar.

Related topics

Troubleshooting

For more information about correcting errors during synchronization of object hierarchies, see the One Identity Manager Target System Synchronization Reference Guide.

Ignoring data error in synchronization

By default, objects with incorrect data are not synchronized. These objects can be synchronized once the data has been corrected. In certain situations, however, it might be necessary to synchronize objects like these and ignore the data properties that have errors. This synchronization behavior can be configured in One Identity Manager.

The setting does not take effect if the application server's REST API is used to connect to the central database.

To ignoring data errors during synchronization in One Identity Manager

  1. In the Synchronization Editor, open the synchronization project.

  2. Select the Configuration > One Identity Manager connection category.

  3. In the General view, click Edit connection.

    This starts the system connection wizard.

  4. On the Additional options page, enable Try to ignore data errors.

    This option is only effective if Continue on error is set in the synchronization workflow.

    Default columns, such as primary keys, UID columns, or mandatory input columns cannot be ignored.

  5. Save the changes.

IMPORTANT: If this option is set, One Identity Manager tries to ignore commit errors that could be related to data errors in a single column. This causes the data changed in the affected column to be discarded and the object is subsequently saved again. This effects performance and leads to loss of data.

Only set this option in the exceptional circumstance of not being able to correct the data before synchronization.

Documents connexes

The document was helpful.

Sélectionner une évaluation

I easily found the information I needed.

Sélectionner une évaluation