サポートと今すぐチャット
サポートとのチャット

Identity Manager 9.1.3 - Target System Synchronization Reference Guide

Target system synchronization with the Synchronization Editor Working with the Synchronization Editor Basics of target system synchronization Setting up synchronization
Starting the Synchronization Editor Creating a synchronization project Configuring synchronization
Setting up mappings Setting up synchronization workflows Connecting systems Editing the scope Using variables and variable sets Setting up start up configurations Setting up base objects
Overview of schema classes Customizing the synchronization configuration Checking the consistency of the synchronization configuration Activating the synchronization project Defining start up sequences
Running synchronization Synchronization analysis Setting up synchronization with default connectors Updating existing synchronization projects Script library for synchronization projects Additional information for experts Troubleshooting errors when connecting target systems Configuration parameters for target system synchronization Configuration file examples

Customizing the configuration file

All data required for creating or updating a synchronization projectClosed is saved in XML format. The file is divided into three main sections:

Structure of the configuration file

<?xml version="1.0" encoding="utf-8"?>

<SynchronizationEditorWorkspace Version="1.0">

<Parameters>

...

</Parameters>

<Global>

...

</Global>

<Editors>

...

</Editors>

</SynchronizationEditorWorkspace>

CustomizeClosed the settings to create or update a new synchronization project based on this configuration file. Use parameters for all variable values if different synchronization projects are going to be created or updated with this configuration file.

To Customize the configuration file

  1. Decide on the variable values.

  2. Define parameters for each of these values.

  3. Replace the values with parameters.

Example

Synchronization projects should be created for various Active Directory domains in different One Identity Manager databases on one and the same database server. A synchronization project has been created with the project wizard for one of these domains. This reference project's configuration file must be adjusted such that it can be used for all the other domains.

The following settings must be customized:

  • Define parameters for the One Identity Manager database, database user, system user and its password.

  • Define parameter for the domain name, domain controller Active Directory user and its password.

  • Define a parameter for the synchronization project, if more than one synchronization projects is going to added to one database.

  • Replace the respective values in the global and editor sections with these parameters.

    IMPORTANT: The connection data for the One Identity Manager database in the global definitions (WorkDatabase.ConnectionString) and in the editor definitions (MainConnection.ConnectionParameter) must be identical. If you replace these value with parameters, use the same parameter in each case.

    The following table shows the required adjustments in the configuration file based on a reference project from a SQL Server database. For more information about the connection data for an SQL Server database, see the One Identity Manager Installation Guide. For more information about One Identity Manager authentication modules, see the One Identity Manager Authorization and Authentication Guide.

    Customizations to the configuration file for new synchronization projects:

    • WorkDatabase.ConnectionString

      data source=<database server>;initial catalog=<database>;
      user id=<user>;pooling=False;Password=$DBPassword$

      Replace <database> and <user> with parameters, such as $Database$ and $DBUser$.

    • WorkDatabase.AuthenticationString

      ModuleClosed=<authentication module>;User[VI.DB_USER]=<system user>;(Password)Password[VI.DB_Password]=<password>

      Replace <system user> and <password> with parameters, such as $SystemUser$ and $SystemPassword$.

    • MainConnection.ConnectionParameter

      Authentication=ProjectorAuthenticator;
      data source=<database server>;DBFactory="VI.DB.ViSqlFactory, VI.DB";
      initial catalog=<database>;password="<DBPassword>";pooling=False;
      user id=<user>

      Replace <system user> and <password> with parameters, such as $SystemUser$ and $SystemPassword$.

    • ConnectedSystemConnection.ConnectionParameter

      ADAuthentication=<authentication type>;
      ADEnableras=<Remote Access Service>;
      ADEnablerecyclebin=<Active Directory recycle bin>;
      ADEnableterminal=<terminal service>;
      ADPort=<Port>;ADRootdn="<distinguished domain name>";
      ADServer=<domain controller>;
      ADTypeEnableExtensions=<type classes allowed>;
      ADTypeExtensions=<type class definition>;
      baseloginaccount=<Active Directory user>;
      basepassword="<Active Directory password>"

      Replace <distinguished domain name>, <domain controller>, <Active Directory user> and <Active Directory password> with parameters.

    • ShellDisplay

      <synchronization project display name>

      Replace the <synchronization project display name> with a parameter if more than one synchronization projects are added to a database.

For more information, see Configuration file for creating new synchronization projects.

Parameter definitions

First, define all the parameters for variable settings. You can use these parameters in the global and editor definitions.

Table 84: Parameter definition

Attribute

Description

Parameter name

Name of the parameter.

Display

Display name of the parameter.

IsQueryParameter

Specifies whether the parameter's value is given by the user.

  • False: The parameter value is passed on the command line.

  • True: The parameter value is queried after the command is run. The user must enter a value. This setting can be used to input a password, for example.

IsSecret

Specifies whether the parameter value is displayed or not.

  • False: The parameter value is displayed when the user enters it.

  • True: The parameter is masked when the user enters it.

Example value

Default value used if no value is entered on the command line or by user input. If no default value is defined, a value must be passed on the command line or entered by the user.

ValueFormat

Format of the parameter value. Permitted values are:

  • ConnectionParameterValue: The value is formatted as a connection parameter. Special characters are masked.
  • Default: The parameter value is handled as given.

If no ValueFormat is defined, the parameter value is handled as given.

Global definitions

The global definitions contain the information required for logging in to the One Identity Manager database where the changes are to be made. If the connection to the target system is supposed to be established over a remote connection, the address data of the remote connection server is also stored here.

Table 85: Global definitions

Elements

Description

WorkDatabase.ConnectionString

Database server connection parameter.

Modify these settings or define a parameter if adding new synchronization projectsClosed to a different database.

WorkDatabase.AuthenticationString

Login data for the One Identity Manager database.

Modify these settings or define a parameter if adding new synchronization projects to a different database.

WorkDatabase.DatabaseFactory

Supported database system. Only SQL Server is supported at present (VI.DB.ViSqlFactory, VI.DB).

LoadedShell.Uid

Unique ID of the synchronization project to be loaded. Only required when making changes to existing synchronization projects.

Remoting.Address

Address of the remote connection server.

Remoting.Port

Port of the remote connection server.

Defining the editor for new synchronization projects

To create new synchronization projectsClosed,use the ShellWizard editor. The definition part of this editor contains the following information:

Table 86: ShellWizard editor definitions

Elements

Description

TemplateUid

Unique project templateClosed ID to be used.

This element does not exist if the reference project was created without a project template.

ConnectedSystemIdentity

SchemaClosed information, such as type, version, and schema ID of the connected system.

ScriptLanguage

Script language used in the synchronization project.

ShellDisplay

Synchronization project display name.

ShellDescription

Description of the synchronization project.

AutoCompletion

Specifies whether the synchronization project is activated immediately.

MainConnection

The connection data for the One Identity Manager database to be synchronized in this synchronization project.

ConnectedSystemConnection

Connection data for the target system to be synchronized with this synchronization project.

TemplateConfiguration

Additional settings that were made in the project wizard. For example:

  • ProvisioningClosed data

  • Enabled revision filter

  • Setting for the synchronization log

  • Selected synchronization serverClosed

This element does not exist if the reference project was created without a project template.

関連ドキュメント

The document was helpful.

評価を選択

I easily found the information I needed.

評価を選択