Chat now with support
Chat with Support

Identity Manager 9.2 - Configuration Guide

About this guide One Identity Manager software architecture Customizing the One Identity Manager default configuration Customizing the One Identity Manager base configuration One Identity Manager schema basics Editing the user interface
Object definitions for the user interface User interface navigation Forms for the user interface Statistics in One Identity Manager Extending the Launchpad Task definitions for the user interface Applications for configuring the user interface Icons and images for configuring the user interface Using predefined database queries
Localization in One Identity Manager Process orchestration in One Identity Manager
Mapping processes in One Identity Manager Setting up Job servers
The One Identity Manager Service functionality Tracking changes with process monitoring Conditional compilation using preprocessor conditions Scripts in One Identity Manager
Visual Basic .NET scripts usage Notes on message output Notes on using date values Tips for using Windows PowerShell scripts Using dollar ($) notation Using base objects Calling functions Pre-scripts for use in processes and process steps Using session services Using #LD notation Script library Support for processing scripts in the Script Editor Creating and editing scripts in the Script Editor Copying scripts in the Script Editor Testing scripts in the Script Editor Testing script compilation in the Script Editor Overriding scripts Permissions for running scripts Editing and testing script code with the System Debugger Extended debugging in the Object Browser
One Identity Manager query language Reports in One Identity Manager Adding custom tables or columns to the One Identity Manager schema Web service integration One Identity Manager as SCIM 2.0 service provider Processing DBQueue tasks One Identity Manager Service configuration files

RemoteConnectPlugin

For more information about configuring a remote connection, see the One Identity Manager Target System Synchronization Reference Guide.

To configure synchronization with a target system, One Identity Manager must load the data from the target system. One Identity Manager communicates directly with the target system to do this. Sometimes direct access from the workstation, on which the Synchronization Editor is installed, is not possible. For example, because of the firewall configuration or the workstation does not fulfill the necessary hardware and software requirements. If direct access is not possible from the workstation, you can set up a remote connection. Prerequisite for this is that the RemoteConnectPlugin is installed on the Job server.

Table 121: RemoteConnectPlugin parameters
Parameters Value Description

Authentication method (AuthenticationMethod)

ADGroup

Method with which incoming queries can be authenticated.

Permitted values: ADGroup

Authentication type (HttpAuthentication)

Ntlm

Authentication type to use.

Permitted values: Negotiate, Ntlm, IntegratedWindowsAuthentication

Bind address (HttpBindAddress)

+

IP address of the network card to use.

+: Use all network cards.

Permitted AD group (ADGroupAuthPermittedGroup)

 

Distinguished name or object SID of the Active Directory group whose members are permitted to use a remote connection. This parameter is only required for the ADGroup authentication method.

Port (Port)

2880

Port for reaching the server.

NOTE: Authentication of a remote connection can only be done through an Active Directory group.

DatabaseAgentPlugin

This One Identity Manager Service plug-in deploys the Database Agent Service. The Database Agent Service controls processing of DBQueue Processor tasks. The plug-in should be configured on the Job server that performs the Update server server function. An administrative user must be used for the database connection in the Job provider.

Enter the following parameter:

  • Job provider IDs (ProviderIDs)

    IDs of the Job providers to be used. Enter a list of job provider names separated by the pipe symbol (|). If this is empty the first Job provider is used. If * is specified, all Job providers are used.

Alternatively, the Database Agent Service can be run from the DatabaseAgentServiceCmd.exe command line program. For more information, see the One Identity Manager Operational Guide.

Related topics

File module with private key

In this module, you provide the data for files with a private key. Use this parameter if you work with several private keys, for example, if One Identity Manager Service data must be exchanged between two encrypted One Identity Manager databases.

If no key is entered here, the private key file from the File with private key (PrivateKey) parameter of the JobServiceDestination is used.

To enter a file with a private key

  1. Click New and enter the following information:

    • Property: Enter the ID of the private key. The ID is expected in the JobServiceDestination in the Private key identifier parameter (PrivateKeyId). The default key has the ID Default.

    • Value: Enter the path of the private key file. You can enter the absolute or relative path to the One Identity Manager Service.

Example: Configuration in the file jobservice.cfg.

configuration>

<category name="privatekeys">

<value name="Default">private.key</value>

<value name="Key2">key2.key</value>

<value name="OtherKey">C:\Path\To\Other.key</value>

</category>

</configuration>

Related topics

Tracking changes with process monitoring

With One Identity Manager, it is possible to create a change history for objects and their properties. This can be used to fulfill reporting duties for internal committees and legal obligations for providing documentary evidence. Different methods can be used to track changes within One Identity Manager. With this combination of methods, all changes that are made in the One Identity Manager system can be traced.

  • Recording data modifications

    Modifications to data can be recorded for add or delete operations on objects, and up to and including changes to individual object properties.

  • Recording process information

    Recording process information allows all processes and process steps to be tracked while being processed by One Identity Manager Service.

  • Recording messages in the process history

    In the process history, success, and error messages from handling each process step in the Job queues are recorded by the One Identity Manager Service.

All entries logged in One Identity Manager are initially saved in the One Identity Manager database. The proportion of historical data to total volume of a One Identity Manager database should not exceed 25 percent. Otherwise, performance problems may arise. You must ensure that log entries are regularly removed from the One Identity Manager database and archived. For more information about archiving data, see the One Identity Manager Data Archiving Administration Guide.

Detailed information about this topic
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating