RemoteConnectPlugin
For more information about configuring a remote connection, see the One Identity Manager Target System Synchronization Reference Guide.
To configure synchronization with a target system, One Identity Manager must load the data from the target system. One Identity Manager communicates directly with the target system to do this. Sometimes direct access from the workstation, on which the Synchronization Editor is installed, is not possible. For example, because of the firewall configuration or the workstation does not fulfill the necessary hardware and software requirements. If direct access is not possible from the workstation, you can set up a remote connection. Prerequisite for this is that the RemoteConnectPlugin is installed on the Job server.
Table 121: RemoteConnectPlugin parameters
Authentication method (AuthenticationMethod) |
ADGroup |
Method with which incoming queries can be authenticated.
Permitted values: ADGroup |
Authentication type (HttpAuthentication) |
Ntlm |
Authentication type to use.
Permitted values: Negotiate, Ntlm, IntegratedWindowsAuthentication |
Bind address (HttpBindAddress) |
+ |
IP address of the network card to use.
+: Use all network cards. |
Permitted AD group (ADGroupAuthPermittedGroup) |
|
Distinguished name or object SID of the Active Directory group whose members are permitted to use a remote connection. This parameter is only required for the ADGroup authentication method. |
Port (Port) |
2880 |
Port for reaching the server. |
NOTE: Authentication of a remote connection can only be done through an Active Directory group.
DatabaseAgentPlugin
This One Identity Manager Service plug-in deploys the Database Agent Service. The Database Agent Service controls processing of DBQueue Processor tasks. The plug-in should be configured on the Job server that performs the Update server server function. An administrative user must be used for the database connection in the Job provider.
Enter the following parameter:
-
Job provider IDs (ProviderIDs)
IDs of the Job providers to be used. Enter a list of job provider names separated by the pipe symbol (|). If this is empty the first Job provider is used. If * is specified, all Job providers are used.
Alternatively, the Database Agent Service can be run from the DatabaseAgentServiceCmd.exe command line program. For more information, see the One Identity Manager Operational Guide.
Related topics
File module with private key
In this module, you provide the data for files with a private key. Use this parameter if you work with several private keys, for example, if One Identity Manager Service data must be exchanged between two encrypted One Identity Manager databases.
If no key is entered here, the private key file from the File with private key (PrivateKey) parameter of the JobServiceDestination is used.
To enter a file with a private key
-
Click New and enter the following information:
-
Property: Enter the ID of the private key. The ID is expected in the JobServiceDestination in the Private key identifier parameter (PrivateKeyId). The default key has the ID Default.
-
Value: Enter the path of the private key file. You can enter the absolute or relative path to the One Identity Manager Service.
Example: Configuration in the file jobservice.cfg.
configuration>
<category name="privatekeys">
<value name="Default">private.key</value>
<value name="Key2">key2.key</value>
<value name="OtherKey">C:\Path\To\Other.key</value>
</category>
</configuration>
Related topics
Tracking changes with process monitoring
With One Identity Manager, it is possible to create a change history for objects and their properties. This can be used to fulfill reporting duties for internal committees and legal obligations for providing documentary evidence. Different methods can be used to track changes within One Identity Manager. With this combination of methods, all changes that are made in the One Identity Manager system can be traced.
-
Recording data modifications
Modifications to data can be recorded for add or delete operations on objects, and up to and including changes to individual object properties.
-
Recording process information
Recording process information allows all processes and process steps to be tracked while being processed by One Identity Manager Service.
-
Recording messages in the process history
In the process history, success, and error messages from handling each process step in the Job queues are recorded by the One Identity Manager Service.
All entries logged in One Identity Manager are initially saved in the One Identity Manager database. The proportion of historical data to total volume of a One Identity Manager database should not exceed 25 percent. Otherwise, performance problems may arise. You must ensure that log entries are regularly removed from the One Identity Manager database and archived. For more information about archiving data, see the One Identity Manager Data Archiving Administration Guide.
Detailed information about this topic