You can also use the system connection wizard to change the connection parameters. If variables are defined for the settings, the changes are transferred to the active variable set.
NOTE: In the following circumstances, the default values cannot be restored:
In both these cases, the system connection wizard overwrites the default values. They cannot be restored at a later time.
To edit connection parameters using the system connection wizard
-
In the Synchronization Editor, open the synchronization project.
-
In the toolbar, select the active variable set to be used for the connection to the target system.
NOTE: If the default variable set is selected, the default values are overwritten and cannot be restored at a later time.
-
Select the Configuration > Target system category.
-
Click Edit connection.
This starts the system connection wizard.
-
Follow the system connection wizard instructions and change the relevant properties.
- Save the changes.
Related topics
All the schema data (schema types and schema properties) of the target system schema and the One Identity Manager schema are available when you are editing a synchronization project. Only a part of this data is really needed for configuring synchronization. If a synchronization project is finished, the schema is compressed to remove unnecessary data from the synchronization project. This can speed up the loading of the synchronization project. Deleted schema data can be added to the synchronization configuration again at a later point.
If the target system schema or the One Identity Manager schema has changed, these changes must also be added to the synchronization configuration. Then the changes can be added to the schema property mapping.
To include schema data that have been deleted through compression and schema modifications in the synchronization project, update each schema in the synchronization project. This may be necessary if:
To update a system connection schema
-
Select the Configuration > Target system category.
- OR -
Select the Configuration > One Identity Manager connection category.
-
Select the General view and click Update schema.
- Confirm the security prompt with Yes.
This reloads the schema data.
To edit a mapping
-
In the Synchronization Editor, open the synchronization project.
-
Select the Mappings category.
-
Select a mapping in the navigation view.
Opens the Mapping Editor. For more information about mappings, see the One Identity Manager Target System Synchronization Reference Guide.
NOTE: The synchronization is deactivated if the schema of an activated synchronization project is updated. Reactivate the synchronization project to synchronize.
When you start synchronization, all synchronization objects are loaded. Some of these objects have not be modified since the last synchronization and, therefore, must not be processed. Synchronization is accelerated by only loading those object pairs that have changed since the last synchronization. One Identity Manager uses revision filtering to accelerate synchronization.
OneLogin supports revision filtering. The change date of OneLogin objects from the OneLogin change history is used as the revision counter (OLGEvent table).
To speed up synchronization and reduce the number of synchronization entries in the change history, you can adjust the scope of the Event schema type in your synchronization project.
NOTE: However, to use Behavior Driven Governance, events must be synchronized with the types 5, 6, 7, 8, 11, 22, 29. For more information about Behavior Driven Governance, see the One Identity Manager Administration Guide for Behavior Driven Governance.
To adjust the scope
-
Open the synchronization project in the Synchronization Editor.
-
In the navigation, select Configuration > Target system.
-
Select the Scope view.
-
Click Edit scope.
-
Select the Event schema type.
-
Select the system filter tab and extend the existing filter definition as follows:
event_type_id=5,6,7,8,11,22,29&since=$olgeventsincefilter$
-
Save the changes.
Each synchronization saves the last date is was run as a revision in the One Identity Manager database (DPRRevisionStore table, Value column). This value is used as a comparison for revision filtering when the same workflow is synchronized the next time. When this workflow is synchronized the next time, the OneLogin objects' change date is compared with the revision saved in the One Identity Manager database. Only those objects that have been changed since this date are loaded from the OneLogin domain.
Optimized revision filtering is supported because OneLogin has event-based logging. Therefore, it is possible to query information about the last change to a schema type. If the objects of a schema type were neither added nor changed, the synchronization step can be skipped and the objects do not have to be loaded for comparison. The OneLogin connector provides all the relevant information.
To use optimized revision filtering
-
In the Designer, set the Common | TableRevision configuration parameter.
Now each time a table changes, the table's revision date updates. This information is stored in the QBMTableRevision table, RevisionDate column. In this way, One Identity Manager identifies whether a table object has been added, changed, or deleted.
The revision is found at start of synchronization. Objects modified by synchronization are loaded and checked by the next synchronization. This means that the second synchronization after initial synchronization is not significantly faster.
Revision filtering can be applied to workflows and start up configuration.
To permit revision filtering on a workflow
To permit revision filtering for a start up configuration
NOTE: If the Common | TableRevision is not set, all revision data in the QBMTableRevision table is deleted.
For more information about revision filtering, see the One Identity Manager Target System Synchronization Reference Guide.
Changes made to individual objects in the target system can be immediately applied in the One Identity Manager database without having to start a full synchronization of the target system environment. Individual objects can only be synchronized if the object is already present in the One Identity Manager database. The changes are applied to the mapped object properties. If a membership list belongs to one of these properties, the entries in the assignment table will also be updated. If the object is no longer present in the target system, then it is deleted from the One Identity Manager database.
Prerequisites
-
A synchronization step exists that can import the changes to the changed object into One Identity Manager.
-
The path to the base object of the synchronization is defined for the table that contains the changed object.
Single object synchronization is fully configured for synchronization projects created using the default project template. If you want to incorporate custom tables into this type of synchronization project, you must configure single object synchronization for these tables. For more information about this, see the One Identity Manager Target System Synchronization Reference Guide.
To define the path to the base object for synchronization for a table
-
In the Manager, select the OneLogin > Basic configuration data > Target system types category.
-
In the result list, select the OneLogin target system type.
-
Select the Assign synchronization tables task.
-
In the Add assignments pane, assign the custom table for which you want to use single object synchronization.
- Save the changes.
-
Select the Configure tables for publishing task.
-
Select the custom table and enter the Root object path.
Enter the path to the base object in the ObjectWalker notation of the VI.DB.
Example: FK(UID_OLGAPIDomain).XObjectKey
- Save the changes.
Related topics
