Step 1: Provide access to Quest One Identity Manager DLLs
Make sure that Synchronization Service can access the required Quest One Identity Manager DLLs. Depending on the Quest One Identity Manager version to which you want to connect, perform the corresponding steps in the next table.
Table 52: Providing access to Identity Manager DLLs
Install Synchronization Service on the Identity Manager 6.0 computer.
If Identity Manager is installed to a non-default installation folder, complete the additional steps below this table. |
Do one of the following:
- On the Quest One Identity Manager 6.1 computer, install Synchronization Service
If Quest One Identity Manager is installed to a non-default installation folder, complete the additional steps below this table. |
If Identity Manager is installed to a non-default installation folder, complete the following additional steps:
- Use a text editor (such as Notepad) to open the OIMConnector_ConnectorConfig.xml file located in the Synchronization Service installation folder. This file is created when you add a connection to Quest One Identity Manager.
This is the file where Quest One Identity Manager connector saves its configuration settings. For more information on these settings, see Quest One Identity Manager Connector configuration file.
- Create a new <PathToOneIdentityManagerDlls> XML element in the file and then type the path to the Identity Manager installation folder in that element.
Example:
<PathToOneIdentityManagerDlls>C:\IdentityManagerInstallationFolder</PathToOneIdentityManagerDlls>
- Save the changes, and then close the .xml file.
- If you installed Synchronization Service on the Identity Manager computer, restart the Synchronization Service on that computer.
Step 2: Configure a connection to Quest One Identity Manager
- In the Synchronization Service Administration Console, open the Connections tab.
- Click Add connection, and then use the following options:
- Connection name. Type a descriptive name for the connection.
- Use the specified connector. Select Quest One Identity Manager(Q1IM) Connector.
- Click Next.
- On the Specify connection settings page, use the following options:
- Database type. Use this list to select the type of the database in which Quest One Identity Manager stores its data. You can select one of the following database types:
- Oracle. Select this item if Quest One Identity Manager stores its data in a database hosted on Oracle Database.
- SQL Server. Select this item if Quest One Identity Manager stores its data in a database hosted on Microsoft SQL Server.
- Server. If you have selected SQL Server in the Database type list, type the SQL Server instance that hosts the database where Quest One Identity Manager stores its data. Use the following format: <ComputerName>/<SQLServerInstanceName>
- If you have selected Oracle in the Database type list, type the DNS name or IP address of the Oracle Database computer that hosts the database where Quest One Identity Manager stores its data.
- Port. Type the number of port on which you want to connect to the Oracle Database computer that hosts the database where Quest One Identity Manager stores its data.
- Database name. Type the name of the database where Quest One Identity Manager stores its data.
- Connect using. Use this area to specify the account with which you want to connect to the computer that hosts the Quest One Identity Manager database.
- If you have selected SQL Server in the Database type list, select one of the following authentication methods to access the SQL Server computer that hosts the Quest One Identity Manager database:
- Use Synchronization Service account. Allows you to access the SQL Server within the security context of the account under which the Synchronization Service is running.
- Use SQL Server authentication. Allows you to specify the user name and password of an account registered on the SQL Server.
- If you have selected Oracle in the Database type list, type the login and password of the account under which you want to access the Oracle Database computer that hosts the Quest One Identity Manager database.
- Test Connection. Allows you to verify the specified connection settings.
- Click Finish to create a connection to Quest One Identity Manager.
Modifying a Quest One Identity Manager connection
To modify connection settings
- In the Synchronization Service Administration Console, open the Connections tab.
- Click Connection settings below the existing Quest One Identity Manager connection you want to modify.
- Expand Specify connection settings and use the following options to modify the settings as necessary:
- Test Connection. Allows you to verify the specified connection settings.
- Click Save.
Quest One Identity Manager Connector configuration file
Quest One Identity Manager connector saves its configuration settings in the file OIMConnector_ConnectorConfig.xml located in the Synchronization Service installation folder. This file is created when you add a connection to Quest One Identity Manager. You can edit the XML elements in the file to configure the various parameters of the Quest One Identity Manager Connector. The table below describes the XML elements you can edit.
Table 53: XML elements
<PathToOneIdentityManagerDlls> |
Specifies the path to the One Identity Manager.dll files required for Synchronization Service to connect to the Quest One Identity Manager.
Example:
<PathToOneIdentityManagerDlls> C:\IdentityManagerDLLs </PathToOneIdentityManagerDlls> |
<ExcludeDeletedObjects> |
Specifies how Synchronization Service will treat objects marked as deleted in Identity Manager. This element can take one of the following values:
- TRUE. Specifies to ignore deleted objects during data synchronization operations.
- FALSE. Specifies to process deleted objects during data synchronization operations.
Example:
<ExcludeDeletedObjects> TRUE </ExcludeDeletedObjects> |
<PasswordAttributes> |
Specifies the default Identity Manager attribute to be used for storing passwords for objects of a particular type. Specifying an attribute for storing passwords in the Synchronization Service GUI overrides the value set in this XML element.
Example:
<PasswordAttributes> <PasswordAttributeDefinitions> <PasswordAttributeDefinition objectType="Person" attribute="CentralPassword" /> </PasswordAttributeDefinitions> </PasswordAttributes> |
<ReadFullSync> |
Specifies a value of the FullSync variable for Read operations performed in Identity Manager. |
<CreateFullSync> |
Specifies a value of the FullSync variable for Create operations performed in Identity Manager. |
<ModifyFullSync> |
Specifies a value of the FullSync variable for Modify operations performed in Identity Manager. |
<DeleteFullSync> |
Specifies a value of the FullSync variable for Delete operations performed in Identity Manager. |
<ObjRefFullSync> |
Specifies a value of the FullSync variable for Modify Object Reference operations performed in Identity Manager. |
<SyncStatusFullSync> |
Specifies a value of the FullSync variable for Sync Status operations performed in Identity Manager. |
For more information about the FullSync variable and the values it can take, see the Quest One Identity Manager documentation.