Chat now with support
Chat with Support

Identity Manager 9.1.2 - Target System Synchronization Reference Guide

Target system synchronization with the Synchronization Editor Working with the Synchronization Editor Basics of target system synchronization Setting up synchronization
Starting the Synchronization Editor Creating a synchronization project Configuring synchronization
Setting up mappings Setting up synchronization workflows Connecting systems Editing the scope Using variables and variable sets Setting up start up configurations Setting up base objects
Overview of schema classes Customizing the synchronization configuration Checking the consistency of the synchronization configuration Activating the synchronization project Defining start up sequences
Running synchronization Synchronization analysis Setting up synchronization with default connectors Updating existing synchronization projects Script library for synchronization projects Additional information for experts Troubleshooting errors when connecting target systems Configuration parameters for target system synchronization Configuration file examples

Validating scripts

You can apply scripts at various points in the synchronization projectClosed; for example, when defining the schema properties, in the object filter, or when you define data operations for system connections through the generic database connectorClosed. You can enter scripts in C# or Visual Basic .NET depending on script's language, which was specified for the synchronization project.

You can use the available compiling and debugging functions to troubleshoot script.

Table 82: Edit box buttons
Button Description
Opens advanced edit mode.
Compile Checks the script's syntax.

Script was compiled without errors.

Script contains syntax errors.

Debug Export the current script to a Visual Studio project.

This button is available only in the Edit SchemaClosed Properties dialog and in the system connection wizard for the generic database connector.

Compile

To verify the script's syntax

  1. Open the script in the Synchronization EditorClosed.
  2. Click Compile.

Compiler errors are shown immediately and written to in the Synchronization Editor's error log.

Debug

The script is exported to a Visual Studio project for debugging. Once the project is run, the Synchronization Editor starts in debug mode and the script is tested.

Prerequisites
  • Visual Studio is installed on the workstation on which the Synchronization Editor is running.
  • All changes to the synchronization project are saved.
  • The debugger can be used in scripts that are used in:
    • Schema properties
    • Script variablesClosed
    • Data operations for system connections using the generic database connector

To debug a script

  1. Open the script in the Synchronization Editor.
  2. Click Debug.
  3. Confirm the prompt with OK.
  4. Start debugging in the Visual Studio project.
  5. If necessary, correct the script in the Synchronization Editor's default mode.
  6. Save the changes.
Related topics

Starting synchronization

You can also start synchronizationClosed manually by either running it on your workstation or from the synchronization serverClosed. If you run synchronization from your workstation, you cannot work with the Synchronization EditorClosed until synchronization is complete. To be able to continue working with the Synchronization Editor during synchronization, run synchronization from the synchronization server.

To start synchronization manually

  1. In the Synchronization Editor, open the synchronization projectClosed.

  2. Select the Configuration > Start up configurations category.

  3. Select a start up configuration in the document view and click Run.

  4. Confirm the security prompt with Yes.

Defining downstream processes

Certain actions must be run in the One Identity Manager database after synchronizationClosed has finished. For this, you can define additional processes in the tables, which return base objects. These additional processes are run through the "PostSync" event, which is triggered in the process DPR_DPRProjectionStartInfo_Run_Synchronization.

To create a downstream process for synchronization

  1. In the DesignerClosed, select the Process Orchestration category.
  2. Start Process Editor using the Create a new process task.

    This makes a new element for the process and opens it in the Process Editor.

  1. Edit at least the following process properties.
    Table: Table that returns the base object for the synchronization, for example ADSDomain.
    Event: PostSync
  2. Create the required process stepsClosed.

    For more information, see the One Identity Manager Configuration Guide.

  3. Save the changes.
Examples
  • To automatically assign employees to Active Directory user accounts, the table ADSDomain contains the process ADS_ADSDomain_SearchAndCreate_FullSync. The process is triggered by the event "PostSync".
  • If group memberships cannot be resolved when an Active Directory domain is synchronized, the One Identity Manager finds the Active Directory SIDs of the user accounts. For this, there is the process ADS_ADSDomain_PostSync set on the table ADSDomain. The process is triggered by the event "PostSync".

Processing synchronization steps

When a synchronization stepClosed is processed in a process planClosed, synchronizationClosed objects are determined and processed as follows:

  1. Load slim list of objects to be synchronized

    Objects to be synchronized are loaded according to the object matching rules from the target system and the One Identity Manager database. Only key properties, the revision propertyClosed (if exists) and individually specified schema properties in the system connector are loaded in this case.

    TIP: For systems whose schema type only have a few schema properties, this list can already be loaded with all schema properties. This can speed up synchronization.

    You can configure the appropriate behavior in the start up configuration when in expert mode. Modify the reload threshold to do this For more information, see Extended properties for start up configuration.

  2. Use revision filter

    Modified object pairs are filtered, if revision filtering is permitted and the target system supports revision filtering The revision filter is applied to the slim list, which means objects that are already loaded. Therefore, objects that only exist in one of the connected systemsClosed are also processed.

  3. Load lists of object pairs with all schema properties

    One Identity Manager loads list of object and object pairs to be synchronized with all mapped schema properties. The lists are loaded in partitions with a fixed size. Once a partition (for example 1000 object pairs) has been loaded, they are processed asynchronously and at the same time the next partition is being loaded. Therefore, a maximum of two partitions are located in main memory at any time.

    TIP: In expert mode, you can define the partition size in the start configuration. For more information, see Extended properties for start up configuration.
  4. Use mapping

    The moment a partition (for example, 1000 list pairs) have been loaded, the mapping is used for all objects and object pairs. Processing methods are subsequently run according to the given condition.

    If a quotaClosed is defined for a processing method, all objects to be processed from all partitions are loaded first to check whether the quota is exceeded. If there is a large amount of data, this can affect synchronization performance. If the quota is not reached, the processing method will be run afterward. If the quota is exceeded, the synchronization step is not run and subsequently, synchronization is halted. A message is written to the synchronization log.

Detailed information about this topic
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating