SchemaExtensionCmd.exe
The SchemaExtensionCmd.exe program provides support for importing custom schema extensions into a One Identity Manager database.
In databases with a Test environment or Development system staging level, you can use the program to delete custom schema extensions again.
You can run the program from the command line. The program requires a control file (XML file) for the import. To create control files, use the program. For more information, see the One Identity Manager Configuration Guide.
Calling syntax
SchemaExtensionCmd.exe
/Conn="{Connection string}"
/Auth="{Authentication String}"
[/Definition="{Path to import definition file}"]
[-f]
[/LogLevel=Off|Fatal|Error|Info|Warn|Debug|Trace]
Table 57: Program parameters and options
/Conn |
Database connection parameter. A user with a minimum access level of Configuration user is required.
For more information about permissions, see the One Identity Manager Installation Guide and the One Identity Manager Authorization and Authentication Guide.
Alternatively, you can enter the name of the connection according to the registry HKEY_CURRENT_USER\Software\One Identity\One Identity Manager\Global\Connections. |
/Auth |
Authentication data. The authentication data depends on the authentication module used. For more information about One Identity Manager authentication modules, see the One Identity Manager Authorization and Authentication Guide. |
/Definition |
Path to the control file (XML file)
Example:
C:\Path\To\Definition.xml |
/LogLevel |
(Optional) Scope of output to be processed. Permitted values are:
-
Off: No logging.
-
Fatal: All critical error messages are logged.
-
Error: All error messages are logged.
-
Info: All information is logged.
-
Warn: All warnings are logged.
-
Debug: Debugger outputs are logged. This setting should only be used for testing.
-
Trace: Highly detailed information is logged. This setting should only be used for analysis purposes. The log file quickly becomes large and cumbersome. |
-f |
(Optional) If this parameter is set, the system does not wait for DBQueue Processor task processing. This can lead to errors if schema extensions are expected that must previously be generated by the DBQueue Processor. |
-v |
(Optional) Provides additional information (verbose). |
-? | h |
Display program help. |
Example:
SchemaExtensionCmd.exe
/Conn="Data Source=<Database server>;Initial Catalog=<Database name>;User ID=<Database user>;Password=<Password>"
/Auth=Module=DialogUserAccountBased
/Definition=CustomExtensions.xml
CryptoConfigCMD.exe
The CryptoConfigCMD.exe program supports encryption and decryption of the One Identity Manager database. You can run the program from the command line.
Calling syntax
CryptoConfigCMD.exe
--conn={Connection string}
--auth={Authentication string}
[--mode=Encrypt|EncryptExisting|Decrypt]
[--private-key= {Path to private key}]
[-y]
Table 58: Program parameters and options
--conn |
--connection|
-c |
Database connection parameter. A user with a minimum access level of Configuration user is required.
For more information about permissions, see the One Identity Manager Installation Guide and the One Identity Manager Authorization and Authentication Guide.
Alternatively, you can enter the name of the connection according to the registry HKEY_CURRENT_USER\Software\One Identity\One Identity Manager\Global\Connections. |
--auth |
--auth-props|-a |
Authentication data for the installation. The authentication data depends on the authentication module used.
For more information about authentication modules, see the One Identity Manager Authorization and Authentication Guide. |
--mode |
-m |
(Optional) Mode to run. Permitted values are:
-
Encrypt: create a new private key and encrypt the database (default)
-
EncryptExisting: Encrypt the database with an existing key
-
Decrypt: Decrypt the database values. |
--private-key |
-p |
Enter the file with the encryption information.
This path must not exist when encrypting a database. The key can be found under this path after the encryption process. This key file must be present when decrypting the database. |
-y |
|
(Optional) If the parameter is present, all security queries are answered with Yes. |
--verbose |
-v |
(Optional) Provides additional information (verbose). |
--help |
-h, -? |
Display program help. |
Parameter formats
Multiple-character options can be given in the following forms:
--conn="..."
--conn "..."
/conn="..."
/conn "..."
Single-character options can be given in the following forms:
-c="..."
-c "..."
/c="..."
/c "..."
Switches are allowed in the forms:
-R
/R
Example: Encrypt the database with a new key
CryptoConfigCMD.exe
--conn="Data Source=<Database server>;Initial Catalog=<Database name>; User ID=<Database user>; Password=<Password>"
--auth="Module=DialogUser;User=<User name>;Password=<Password>"
--private-key=C:\path\to\private.key
Example: Encrypt the database with an existing key
CryptoConfigCMD.exe
--conn="Data Source=<Database server>;Initial Catalog=<Database name>; User ID=<Database user>; Password=<Password>"
--auth="Module=DialogUser;User=<User name>;Password=<Password>"
--mode=EncryptExisting
Example: Decrypt the database with an existing key
CryptoConfigCMD.exe
--conn="Data Source=<Database server>;Initial Catalog=<Database name>; User ID=<Database user>; Password=<Password>"
--auth="Module=DialogUser;User=<User name>;Password=<Password>"
--mode=Decrypt
--private-key=C:\path\to\private.key
DBConsCheckCmd.exe
The DBConsCheckCmd.exe program supports consistency checking. You can run the program from the command line.
Unlike the consistency checks in the Manager or the Designer, the table tests and object tests are always carried out on the application data and system data.
Calling syntax
DBConsCheckCmd.exe
[-l]
[-c]
[-p]
[-v]
[-x]
/Auth="{Authentication String}"
[/Category="{Category}]
/Conn="{Connection string}"
[/ConsistencyType="{Type}"]
[/LogLevel=Off|Fatal|Error|Info|Warn|Debug|Trace]
[/Resultfile="{File}"]
[/ResultIdToSkip="{Error ID}"]
[/TestSeverity=Info|Serious|Warning"]
[/UidConsistencyCheck="{UID}"]
[/UidConsistencyCheckToSkip="{UID}"]
Table 59: Program parameters and options
-c |
(Optional) Outputs a list with all consistency checks grouped by category. The program stops after output is complete. |
-l |
(Optional) Outputs a list with all consistency checks grouped by type. The program stops after output is complete. |
-p |
(Optional) If this parameter is used, the processing progress is shown. |
-v |
(Optional) Provides additional information (verbose). |
-x |
(Optional) Test results not displayed. |
/Auth |
Authentication data. The authentication data depends on the authentication module used. For more information about One Identity Manager authentication modules, see the One Identity Manager Authorization and Authentication Guide. |
/Category |
(Optional) Category to use for the consistency checks. Multiple instances of this parameter are possible.
The parameter cannot be combined with the /ConsistencyType parameter.
Example: Configuration\Basics |
/Conn |
Database connection parameter. A user with a minimum access level of End user is required. Some consistency checks require the configuration user or administrative user access level.
For more information about permissions, see the One Identity Manager Installation Guide and the One Identity Manager Authorization and Authentication Guide.
Alternatively, you can enter the name of the connection according to the registry HKEY_CURRENT_USER\Software\One Identity\One Identity Manager\Global\Connections. |
/ConsistencyType |
(Optional) Type of consistency checks to be performed. Multiple instances of this parameter are possible. If the parameter is not specified, all types of consistency checks are loaded. Permitted values are:
-
Database: Runs consistency checks of database test type.
-
Table: Runs consistency checks of table test type.
-
Object: Runs consistency checks of object test type.
The parameter cannot be combined with the /UidConsistencyCheck parameter. |
/LogLevel |
(Optional) Scope of output to be processed. Permitted values are:
-
Off: No logging.
-
Fatal: All critical error messages are logged.
-
Error: All error messages are logged.
-
Info: All information is logged.
-
Warn: All warnings are logged.
-
Debug: Debugger outputs are logged. This setting should only be used for testing.
-
Trace: Highly more information is logged. This setting should only be used for analysis purposes. The log file quickly becomes large and cumbersome. |
/Resultfile |
(Optional) Outputs the results of the consistency checks to a separate results file. If the file already exists, it will be overwritten. |
/ResultIdToSkip |
(Optional) If the a consistency check results in errors, unique error identifiers are assigned to each of the results. If you supply these error IDs with this parameter so that the error is ignored in the output and the result file. Multiple instances of this parameter are possible. |
/TestSeverity |
(Optional) Severity of the consistency checks to be run. Multiple instances of this parameter are possible.
Permitted values are:
-
Info: Displays tests with the Error severity level.
-
Serious: Displays tests with the Serious severity level.
-
Warning: Displays tests with the Warning severity level. |
/UidConsistencyCheck |
(Optional) Provides the consistency check UID. If the parameter is given, only this consistency check is run. Multiple instances of this parameter are possible. If the parameter is not given, all the consistency checks are run.
The parameter cannot be combined with the /ConsistencyType parameter. |
/UidConsistencyCheckToSkip |
Gives the UID of a consistency check not to run. If the parameter is given, only this consistency check is not run. Multiple instances of this parameter are possible. If the parameter is not given, all the consistency checks are run.
The parameter cannot be combined with the /UidConsistencyCheck parameter. |
-? | -h |
Displays program help. |
Example: Listing all consistency checks
DBConsCheckCmd.exe
/Conn= "Data Source=<Database server>;Initial Catalog=<Database name>;User ID=<Database user>;Password=<Password>"
/Auth="Module=DialogUser;User=<User name>;Password=<Password>"
-l
Example: Runs all available consistency checks and outputs a result file
DBConsCheckCmd.exe
/Conn= "Data Source=<Database server>;Initial Catalog=<Database name>;User ID=<Database user>;Password=<Password>"
/Auth="Module=DialogUser;User=<User name>;Password=<Password>"
/Resultfile="c:\temp\DBConsCheckCmd.log"
Example: Runs selected consistency checks, outputs a result file and ignores an error
In the example, the two consistency checks DialogTable without Layout information with UID QBM-C78A4C856111AF4CA839024588197F4B and Template uses too long columns with UID QBM-F231939D9385514E9566F2900D8512E2 are run.
An error with the error ID 1a9cef0b6bd93434c2997341d91f2c1ef420f150 is ignored.
DBConsCheckCmd.exe
/Conn= "Data Source=<Database server>;Initial Catalog=<Database name>;User ID=<Database user>;Password=<Password>"
/Auth="Module=DialogUser;User=<User name>;Password=<Password>"
/Resultfile="c:\temp\DBConsCheckCmd.log"
/UidConsistencyCheck="QBM-C78A4C856111AF4CA839024588197F4B"
/UidConsistencyCheck="QBM-F231939D9385514E9566F2900D8512E2"
/ResultIdToSkip="1a9cef0b6bd93434c2997341d91f2c1ef420f150"
DatabaseAgentServiceCmd.exe
The DatabaseAgentServiceCmd.exe program deploys the Database Agent Service. The Database Agent Service handles the database's internal tasks. For more information, see the One Identity Manager Configuration Guide.
You can run the program from the command line.
Calling syntax
DatabaseAgentServiceCmd.exe
/conn "{Connection string}"
[/alive "{Path to file}"]
[-f]
[-s]
[-c]
Table 60: Program parameters and options
/Conn |
Database connection parameter. A user with a minimum access level of Administrative user is required.
For more information about permissions, see the One Identity Manager Installation Guide and the One Identity Manager Authorization and Authentication Guide. |
/alive |
(Optional) Path of file that show the Database Agent Service's status. The status is checked on a 15 minute cycle. |
-f |
(Optional) The Database Agent Service ignores the migration preparation phases and runs even with older versions of the database. |
-s |
(Optional) Messages are not output on the command line. |
-c |
(Optional) Continue operating in the event of serious errors. |
-? | -h |
Displays program help. |