サポートと今すぐチャット

オンラインヘルプの参照
登録の完了

サインイン

価格設定をリクエスト

営業担当に連絡

Identity Manager 9.3 - Configuration Guide

コンテンツのナビゲーション

About this guide One Identity Manager software architecture

Working with objects in One Identity Manager Inserting, modifying, and deleting an object in One Identity Manager

Customizing the One Identity Manager default configuration

Reloading changes dynamically Locking and unlocking individual properties for editing System configuration reports

Customizing the One Identity Manager base configuration

Overview of the database settings Changing database connection data Configuring the database for test, development, or production

Changing the database staging level

Language settings for displaying and maintaining the data

Setting login languages

Default country for determining working hours and public holidays Configuration parameters for system configuration

Editing configuration parameters Creating custom configuration parameters Configuration parameter properties Configuration parameter options

One Identity Manager schema basics

Overview of the One Identity Manager schema

Displaying data models in the Designer Displaying the column dependencies based on templates

Table types and default columns in the One Identity Manager data model Notes on editing table definitions and column definitions Table definitions

Table types in One Identity Manager

Database views of the View type Database views of the proxy type Database views of the Union type Database views of the Read-only type

Table scripts Working with a globally unique identifier module Defining unique columns for tables Specifying deferred deletion for objects Editing table definitions Table definition properties Displaying the table definition Customizer

Column definitions

Templates for generating values

Selecting templates from the configuration library Editing value templates Preventing a change to a column Restricting performance of value templates Example of local value templates within an object Example of cross-object value templates

Limiting column lengths Defining decimal places for displaying values Using predefined formatting types Selecting formatting scripts from the configuration library Creating formatting scripts Column dependencies for placing values Permitted column values Specifying requirements for MVP columns Defining bitmasks Scripts for conditionally displaying and editing columns Editing column definitions Column definition properties

Table relations Dynamic foreign key Supporting file groups

The full-text search in One Identity Manager

Customizing settings for the search index Configuring columns for full-text search Configuring tables for full-text search

Localization in One Identity Manager

Working in different time zones Determining working hours Editing country information

Setting countries and states Specifying the standard hours for countries and states/provinces/counties Displaying public holidays for countries and states Editing countries Editing states Country properties State properties Public holiday properties

Language-dependent data representation

Basic rules for using language-dependent data Flagging columns for translation Using the text memory for translation Displaying translations in the Language Editor Showing usage of a translation Editing translations of a single table Editing all translations Changing translation keys Importing translations from the language pack

Process orchestration in One Identity Manager

Mapping processes in One Identity Manager

Editing processes with the Process Editor Defining processes

Creating and editing processes Copying processes Creating and editing process steps Copying single process steps Importing process steps into a process Searching for entries within processes Comparing processes Exporting and importing processes Process properties Process step properties Process step parameters

Editing process step parameters Properties of process step parameters Allocating parameter values

Events for processes

Creating events for processes

Permissions for triggering processes

Simulating process generation Checking the validity of a process Testing process compilation Committing and compiling changes to processes Using process-specific and global variables for the process definition Thresholds for handling processes Specifying the executing server

Selecting servers with server functions Selecting servers with selection scripts

Notifications about process step handling Running processes automatically

Displaying process plan status Starting a process plan immediately Creating and editing process plans Process plan properties

Overview of process components

Displaying and editing process task exe types Changing the maximum number of instances for process tasks and process components Properties of process components, process tasks, and parameter templates

Setting up Job servers

Creating and editing Job servers Job server properties Machine roles and server functions

Overview of server functions Overview of machine roles

Job server statistics Connection data for process generation

Entering connection data for the application server Entering Job server connection data

Installing the One Identity Manager Service with the Job Server Editor Configuring the Job server for connecting to the application server

The One Identity Manager Service functionality

Handling processes with the One Identity Manager Service Parallel processing of processes by the One Identity Manager Service Running external processes with the StdioProcessor Configuring the One Identity Manager Service

Module for configuring the One Identity Manager Service Customizing the One Identity Manager Service configuration for a Job server

Using the configuration file template Selecting module types and editing parameters Validating the configuration file

Configuring the MSSQLJobProvider Configuring the AppServerJobProvider Configuring the JobServiceDestination General configuration settings of the One Identity Manager Service Configuring the FileLogWriter for logging Configuring the EventLogLogWriter for logging Configuring the One Identity Manager Service as a proxy server Configuration settings for One Identity Manager Service behavior Configuring HTTP authentication Configuring the HTTPLogPlugin Configuring the ScheduleCommandPlugin Configuring the RequestWatchDogPlugin Configuring the PerformanceCounterPlugin Configuring the DebugMailPlugin Configuring the ShareInfoPlugin Configuring the RemoteConnectPlugin Configuring the DatabaseAgentPlugin Enter file with private key for the One Identity Manager Service

Tracking changes with process monitoring

Basic rules for process monitoring Logging data changes

Labeling columns for recording changes to data

Logging process information during process handling

Editing process information for processes Editing process information for process steps Editing process information for events

Recording messages in the process history Process tracking for DBQueue Processor operations

Example of replacing the GenProcID

Archiving and deleting records

Deleting log entries in the One Identity Manager database without archiving Specifying log retention times Optimizing performance by deleting log entries

Conditional compilation using preprocessor conditions

Preprocessor-relevant configuration parameters Preprocessor conditions in objects Preprocessor conditions in VB.Net expressions Evaluation of preprocessor conditions during compilation

Scripts in One Identity Manager

Visual Basic .NET scripts usage Notes on using date values Tips for using PowerShell scripts Using dollar ($) notation

Accessing local object columns Accessing columns of an object connected by a relation Accessing the old column value Accessing the display value of a column Accessing references in comments Accessing metavalues of the local object Accessing objects' display values

Using base objects Calling functions Pre-scripts for use in processes and process steps Using session services

Querying configuration parameters Testing for the existence of certain database entries Querying session object global variables

Using #LD-notation

Using #LD notation in process tracking Example of specifying the language or language code

Displaying messages in the user interface Referencing packages and files in scripts Script library Support for processing scripts in the Script Editor Creating and editing scripts in the Script Editor Copying scripts in the Script Editor Testing scripts in the Script Editor Testing script compilation in the Script Editor Committing and compiling script changes Overriding scripts Permissions for running scripts Editing and testing script code with the System Debugger

Creating and loading the system library in the System Debugger Tips for editing script code in the System Debugger Logging database queries and object actions Testing script code in the System Debugger

Testing scripts in the System Debugger Testing templates and formatting scripts in the System Debugger Testing methods in the System Debugger Testing table scripts in the System Debugger

Saving System Debugger changes in the database

Extended debugging in the Object Browser

Creating local debug assemblies Debugging in the Object Browser Troubleshooting debugging in the Object Browser

One Identity Manager query language

Language elements of the One Identity Manager query language

Comments Identifier Literal values

String values Integer values Decimal values Date and time values

Parameter references Preformatted Where clauses

Formulating queries in the One Identity Manager query language

Query header Where clauses Search clauses Select clauses Order by clauses Paging clauses Display value clauses Query parameter clauses Query hints Conditions

Special conditions

Comparing columns Comparison by means of IN and NOT IN clauses Compare date differences Compare date ranges Compare fixed values Comparing parameters Using preformatted Where clauses

Editing the user interface

Object definitions for the user interface

Selection criteria for object definitions Using captions for object definitions Creating and editing object definitions Object definition properties

User interface navigation

Components for navigation Recommendations for editing menu navigation Tips for working with the User Interface Editor Selecting the user interface navigation view for editing

Loading a complete user interface navigation Loading menu navigation using an application Direct loading of menu items Loading menu items using permissions groups Loading menu navigation using a where clause

Simulating user interface navigation during editing Copying existing user interface navigation for new permissions groups Creating a new user interface navigation Copying menu items Creating new menu items Creating new menu categories Assigning menu items to applications Assigning menu items to permissions groups Menu item properties Creating database queries for data-dependent menu items

Recursive data-dependent menu items

Using links in the navigation Using variables in the navigation

Creating and displaying variables

Defining values to insert Result lists for menu items

Templates for displaying lists Disabling result lists Editing result lists Creating result lists Columns for result lists Defining default columns for result lists and overview forms Defining your own columns for results lists Assigning results lists to menu items Result list properties

Forms for the user interface

Recommendations for editing forms Editing user interface forms

Tips for working with the Form Editor Disabling user interface forms Copying user interface forms Creating user interface forms Assigning user interface forms to applications Assigning user interface forms to permissions groups Assigning user interface forms to object definitions Effects of object definitions when displaying interface forms Assigning user interface forms to menu items Displaying custom columns and tables on main data forms Forms for custom extensions Hierarchical display of data on assignment forms User interface form properties Form definitions and form templates

Form templates Form definitions Configuration data for displaying many-to-many and object relations on forms

Working with overview forms

Creating overview forms Adding more form elements to overview forms Special features of editing overview forms Previewing an overview form during editing Customizing the form elements layout Columns for form elements Defining your own columns for form elements Assigning interface forms to form elements Disabling overview forms and form elements Deleting form elements Deleting overview forms

Statistics in One Identity Manager

Creating and editing statistic definitions

General properties statistic definitions Querying statistic measurements

Disabling statistics definition Including statistics in the user interface

Using reports in statistics Using simple reports in statistics

Diagram types for visualizing statistics Examples of statistic definitions

Extending the Launchpad

Recommendations for extending the Launchpad Actions for the Launchpad Creating new menu items and actions for the Launchpad

Task definitions for the user interface

Creating and editing task definitions Disabling task definitions Script for conditional displaying of tasks Properties of task definitions

Applications for configuring the user interface

Program properties

Icons and images for configuring the user interface Using predefined database queries

Reports in One Identity Manager

Working with the Report Editor

Menu items in Report Editor Views in the Report Editor Report Editor program settings Logging database queries

Creating and editing reports in the Report Editor Editing general report properties Creating and editing data sources

Data retrieval using SQL queries Data retrieval using database views Data retrieval using an object Data retrieval using single object history Data retrieval using multiple object history Data retrieval using historical assignments Data query for simulation data

Report parameters

Editing report parameters General parameter settings Parameter value definitions Settings for calculating values

Using virtual data sources Editing the report form

Adding data fields to report forms Tips for entering dates in reports

Example of a simple report with data grouping Embedding reports in the user interface Translating reports Generating and exporting reports

Adding custom tables or columns to the One Identity Manager schema

Creating new tables Extending tables Defining columns

Creating simple columns Creating foreign key columns Creating dynamic foreign keys Creating new columns for database views with type view Advanced configuration of columns

Creating database views with read-only type

Using Common Table Expressions in read-only database views

Creating database views with Union type Creating new assignment tables Creating indexes Removing custom schema extensions

Possible error messages due to custom schema extensions

Permissions for schema extensions Change labels for the schema extensions Adding schema extensions to the database Recommendations for advanced configuration of custom schema extensions Notes for custom functions, triggers, or database procedures Managing custom database objects within the database

Web service integration

Deploying web service client assemblies

Creating NuGet packages for web services Importing NuGet packages for web services

Referencing NuGet packages for web services in scripts Referencing web service projects in the System Debugger

One Identity Manager as SCIM 2.0 service provider

Endpoints and base URL SCIM plugin features Authenticating SCIM clients Authenticating SCIM plugins in One Identity Manager Special features of generating the SCIM schema SCIM plugin requests

Processing DBQueue Processor tasks

DBQueue Processor configuration for test, development, or production environments Customizing the configuration for DBQueue Processor task processing Bulk processing in the DBQueue Processor Database Agent Service functionality

Influencing processing sequence of DBQueue Processor tasks Processing sequence for DBQueue Processor tasks

Structure of the Jobservice.cfg configuration file

Endpoints and base URL

NOTE: The providers and endpoints supplied with the interface are fixed and cannot be configured.

The SCIM 2.0 interface can be found in the API Server installation directory under the fixed subdirectory /ApiServer/scim/v2. The base URL is formed as follows:

<http | https>://[<subdomain | server name>.]<domain name>/ApiServer/scim/v2

There are other fixed endpoints. The endpoints are called without any further URL parameters.

/ServiceProviderConfig

The endpoint provides information about the options implemented in the service provider, such as the authentication types on offer. The endpoint can be accessed without authentication.
/Schemas

The return structure of the endpoint defines all data objects and their properties supported by the provider.

/ResourceTypes

When the endpoint is called, the metadata for the data objects published through the /Schemas endpoint are returned. These are linked to an endpoint based on the base URL under which the respective provider of a specific data object type can be reached.

Related topics

SCIM plugin features

The return structure of the /ServiceproviderConfig endpoint defines, among other things, the features that are supported by the SCIM plugin.

patch: When changes are transferred, only individual operations on properties are transferred, not the whole of the object to change.
filter: This supports filtering of objects immediately on request or in patch operations.

Authenticating SCIM clients

An authenticationSchemes list is included in the structure returned by the /ServiceproviderConfig endpoint. The list publishes the possible authentication and authorization methods with which the SCIM plugin can be used.

Supported are:

HTTP Basic access authentication
NTLM Authentication and Kerberos
OAuth 2.0 client authorization

Related topics

Authenticating SCIM plugins in One Identity Manager

Authenticating SCIM plugins in One Identity Manager

To access the One Identity Manager database, the SCIM plugin be authenticated. Authentication is carried out by the One Identity Manager authentication modules. For more information, see the One Identity Manager Authorization and Authentication Guide.

The authentication modules are checked in the following order and the first successful authentication module is used for logging in. Ensure sure that at least one authentication module is enabled and configured. For more information about the authenticating users on the API Server, see the One Identity Manager API Development Guide.

Active Directory user account (ADSAccount)
HTTP Header (HTTPHeader)
OAuth 2.0/OpenID Connect (role-based) (OAuthRoleBased)

Related topics

Authenticating SCIM clients

関連ドキュメント

The document was helpful.

評価を選択

I easily found the information I needed.

評価を選択

© ALL RIGHTS RESERVED. 利用規約プライバシー Cookie Preference Center