Chat now with support
Chat with Support

Identity Manager 8.2 - Configuration Guide

About this guide One Identity Manager software architecture Customizing the One Identity Manager default configuration Customizing the One Identity Manager base configuration One Identity Manager schema basics Editing the user interface
Object definitions for the user interface User interface navigation Forms for the user interface Statistics in One Identity Manager Extending the Launchpad Task definitions for the user interface Applications for configuring the user interface Icons and images for configuring the user interface Using predefined database queries
Localization in One Identity Manager Process orchestration in One Identity Manager
Mapping processes in One Identity Manager Setting up Job servers
The One Identity Manager Service functionality Tracking changes with process monitoring Conditional compilation using preprocessor conditions Scripts in One Identity Manager
Visual Basic .NET scripts usage Notes on message output Notes on using date values Tips for using Windows PowerShell scripts Using dollar ($) notation Using base objects Calling functions Pre-scripts for use in processes and process steps Using session services Using #LD-notation Script library Support for processing scripts in the Script Editor Creating and editing scripts in the Script Editor Copying scripts in the Script Editor Testing scripts in the Script Editor Testing script compilation in the Script Editor Overriding scripts Permissions for running scripts Editing and testing script code with the System Debugger Extended debugging in the Object Browser
One Identity Manager query language Reports in One Identity Manager Adding custom tables or columns to the One Identity Manager schema Web service integration SOAP Web Service One Identity Manager as SPML provisioning service provider Processing DBQueue tasks One Identity Manager Service configuration files

Running external processes with the StdioProcessor

The exe type of a process task defines whether processing takes place within the One Identity Manager Service or in an external process. If a process task is going to run in an external process, the StdioProcessor StdioProcessor) is started on an external slot. After the external process has run, it remains available for further runs until one of the following conditions occurs:

  • No further process step has been started for the past 30 seconds.

  • The maximum reusage count has been reached according to the One Identity Manager Service configuration.

    The One Identity Manager Service configuration uses the value in the Max. external processor reusage count (MaxExternalSlotReuse) as the maximum reusage count. The default value is 100. For more information, see JobServiceDestination.

  • The process step has the returns the return code ErrorAndTerminate.

Related topics

Configuring the One Identity Manager Service

A Job provider function makes a Job destination process step available within the One Identity Manager Service. The Job destination function handles the process steps and returns a result to the Job provider. The Job provider evaluates the result.

The combination of a Job provider on one server and a Job destination on another server is called a "Job gate". The Job provider and Job destination are configured within the Jobgate such that they can communicate with each other.

Figure 27: Example of the One Identity Manager Service configuration

Table 96: One Identity Manager Service provider
Provider

Description

MSSQLJobProvider

The MSSQLJobProvider retrieves the process steps from the One Identity Manager database under SQL Server and sends them to a Job destination.

FileJobProvider

In the FileJobProvider, process requests and results are read from and written to files. These files can be processed by the FileJobGate (FileJobDestination or FTPJobDestination). The data is transferred using these files.

FTPJobProvider

The FTPJobProvider is based on the function of the FileJobProvider. In the FTPJobProvider, process requests and results are read from and written to files. After the files have been created in the local directory, the FTPJobProvider connects to the FTP server and transfers the files to the server. A connection is also made to the FTP Server when it gets a signal and the data is collected.

HTTPJobProvider

The HTTPJobProvider receives process steps from a parent Job server. The data transfer is carried out by HTTP.

AppServerJobProvider

The AppServerJobProvider retrieves the process steps from the application server and sends them to a Job destination.

Table 97: One Identity Manager Service Job destinations
JobDestination Description

JobServiceDestination

The JobServiceDestination is the One Identity Manager Service component that performs the actual handling of process steps. It requests the process steps from the Job provider, processes them with the process component and returns the result.

FileJobDestination

The FileJobDestination handles the process steps provided by the FileJobGate (FileJobProvider or FTPJobProvider) and returns the results to the Job provider.

FTPJobDestination

The FTPJobDestination handles the process steps provided by the FileJobGate (FileJobProvider or FTPJobProvider) and returns the results to the Job provider.

HTTPJobDestination

The HTTPJobDestination sends process steps to a child Job server. The data transfer is carried out by HTTP.

Table 98: One Identity Manager Service Jobgates
Jobgate Description

HTTPJobGate

Consisting of HTTPJobProvider and HTTPJobDestination.

FileJobGate

Consisting of FileJobProvider, FileJobDestination, FTPJobProvider and FTPJobDestination. JobProvider and JobDestinations can be combined with each other.

Figure 28: Example FileJobGate configuration

Detailed information about this topic

One Identity Manager Service configuration files

Configuration One Identity Manager Service and its plugins with a configuration file. The file has to reside in the same directory as the file viNetworkService. The configuration file is necessary both for One Identity Manager Service on a windows based operating system and for the Linux daemon.

Two configuration file formats are supported:

  • Jobservice.cfg

    Jobservice.cfg is an XML configuration file with its own format. The advantage of this file is that run-time loading is supported.

  • viNetworkService.exe.config

    The viNetworkService.exe.config file is the default configuration file for .NET exes and has the specified format.

The system initially searches for the parameter in the configuration file Jobservice.cfg in order to determine the setups. If the parameter is not found, the file viNetwordService.exe is automatically used. Thus the One Identity Manager Service can only work with the configuration file viNetworkService.exe.config.

In the Designer, configure the One Identity Manager Service in the Base data > Installation > Job server category or by using the Job Service Configuration program.

There is one unique section in the file for each of the different modules in One Identity Manager Service.

Table 99: One Identity Manager Service modules
Module Description

Process collection

Specify the Job provider in this module.

JobDestination

In this module, you specify the job destination.

Configuration

Standard configuration settings for One Identity Manager Service are in this module.

LogWriter

This module writes One Identity Manager Service messages to a log file.

Request dispatcher

Use this module to configure the One Identity Manager Service as a dispatcher. The process requests from the child Job server are buffered, processed, and forwarded.

Connection

With this module you can set special configuration settings for the behavior of the One Identity Manager Service.

HTTP authentication module

Use this module to specify how authentication works on an HTTP server so that extended services can be accessed, for example, displaying the log file or the status display.

Plugins

Specify which plugins should be installed in this module.

File with the private key.

In this module, you provide the data for files with a private key. Use this module if you are working with more than one private key.

Detailed information about this topic

Customizing the One Identity Manager Service configuration for a Job server

This configuration is already created when the One Identity Manager Service is installed. Use the Job Server Editor to modify each configuration setting. You can also customize all configuration settings in the Job Service Configuration program.

NOTE: Before changing the One Identity Manager Service configuration, make sure that the configuration is imported into the database. In the Designer, configure, and enable the Get configuration file from the Job server and write in the Job server configuration schedule.

To modify the One Identity Manager Service configuration on a Job server

  1. In the Designer, select the Base Data > Installation > Job server category.

  2. Start the Job Server Editor using the Edit Job server task.

  3. Enable the Configure One Identity Manager Service view.

  4. Select the Job server to be edited in the Job server overview.

  5. Edit the configuration settings.

    TIP: Use the and buttons to change the configuration data.

  6. Save the configuration using .

  7. Use the button to test the configuration.

  8. Deploy the modified configuration to the Job server using Job server > Deploy Job server configuration from menu.

    This generates a process, which updates the configuration file on the Job server.

TIP: Use the Job server > Start HTTP request menu item to address the HTTP server of the One Identity Manager Service for a Job server and display the different services of the One Identity Manager Service.

Related topics
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating