Chatta subito con l'assistenza
Chat con il supporto

Identity Manager 8.2.1 - Administration Guide for Connecting to Cloud Applications

Mapping cloud applications in One Identity Manager Synchronizing cloud applications through the Universal Cloud Interface Provisioning object changes Managing provisioning processes in the Web Portal Mapping cloud objects in One Identity Manager
Cloud applications Container structures in cloud applications User accounts in cloud applications Groups and system entitlements in cloud applications Permissions controls in a cloud application
Base data for managing cloud applications Default project template for cloud applications Cloud system object processing methods Configuration parameters for managing cloud applications

Configuring the provisioning of memberships

Configuring single object synchronization

Changes made to individual objects in the target system can be immediately applied in the One Identity Manager database without having to start a full synchronization of the target system environment. Individual objects can only be synchronized if the object is already present in the One Identity Manager database. The changes are applied to the mapped object properties. If a membership list belongs to one of these properties, the entries in the assignment table will also be updated. If the object is no longer present in the target system, then it is deleted from the One Identity Manager database.

Prerequisites

  • A synchronization step exists that can import the changes to the changed object into One Identity Manager.

  • The path to the base object of the synchronization is defined for the table that contains the changed object.

Single object synchronization is fully configured for synchronization projects created using the default project template. If you want to incorporate custom tables into this type of synchronization project, you must configure single object synchronization for these tables. For more information about this, see the One Identity Manager Target System Synchronization Reference Guide.

To define the path to the base object for synchronization for a custom table

  1. In the Manager, select the Universal Cloud Interface > Basic configuration data > Target system types category.

  2. In the result list, select the SCIM interface target system type.

  3. Select the Assign synchronization tables task.

  4. In the Add assignments pane, assign the table for which you want to use single object synchronization.

  5. Save the changes.

  6. Select the Configure tables for publishing task.

  7. Select the table and enter the Root object path.

    Enter the path to the base object in the ObjectWalker notation of the VI.DB.

    Example: FK(UID_UCIRoot).XObjectKey

  8. Save the changes.
Related topics

Accelerating provisioning and single object synchronization

Synchronizing with override files

When you set up synchronization with a cloud application, One Identity Manager uses the SCIM schema exported from the server. If the SCIM connector cannot find the schema, you can pass it the schema data by using override files. The override files contain a complete description of the schema being used and they must confirm to the SCIM Core Schema specification (RFC 7643).

To configure synchronization with override files

  1. Start the Synchronization Editor.

  2. Enable expert mode.

  3. Set up an initial synchronization project. For more information, see Creating a synchronization project for initial synchronization of a cloud application. The following special features apply:

    1. On the Expert settings page, define whether you want to make additional settings. Set the Show schema settings option.

    2. On the Schema definition page, enter the path for the override files. Both files must exist.

      • Schema override file: Contains the complete schema definition of the cloud application.

      • Resource configuration override file: Contains the full resource definition of the cloud application.

    3. To check the override files for errors, click Check.

NOTE: If override file are given in the synchronization configuration files they replace a schema definition on the server.

Schema definitions from override files are saved as connection parameters (DPRSystemConnection.ConnectionParameter).

You must make any changes to the SCIM schema in the override files, which must then be reloaded into the synchronization project.

To add schema changes to the synchronization project

  1. Update the schema definition in the override files.

  2. In the Synchronization Editor, open the synchronization project.

  3. Enable expert mode.

  4. Select the Configuration > Target system category.

  5. Select the General view and click Edit connection.

    This starts the system connection wizard.

  6. On the Schema definition page, enter the path for the override files.

  7. End the system connection wizard.

    This updates the connection parameters.

  8. Select the General view and click Update schema.

  9. Confirm the security prompt with Yes.
  10. Save the changes.

If the server has a valid schema definition because of later changes, for example, the override files' schema must be removed from the connection parameters.

To remove the override file's schema and apply the server's schema definition

  1. In the Synchronization Editor, open the synchronization project.

  2. Enable expert mode.

  3. Select the Configuration > Target system category.

  4. Select the General view and click Edit connection.

    This starts the system connection wizard.

  5. Select the Endpoint Configuration page and enter the URIs for the SCIM end points. Use the SCIM base schema if no URIs are given.

  6. Select the Schema definition page and click Clear existing for both the schema override file and the resource configuration override file.

  7. End the system connection wizard.

  8. Select the General view and click Update schema.

  9. Confirm the security prompt with Yes.
  10. Save the changes.
Related Documents

The document was helpful.

Seleziona valutazione

I easily found the information I needed.

Seleziona valutazione