Chat now with support
Chat with Support

Identity Manager 9.2.1 - Configuration Guide

About this guide One Identity Manager software architecture Customizing the One Identity Manager default configuration Customizing the One Identity Manager base configuration One Identity Manager schema basics
Overview of the One Identity Manager schema Table types and default columns in the One Identity Manager data model Notes on editing table definitions and column definitions Table definitions Column definitions Table relations Dynamic foreign key Supporting file groups
Editing the user interface
Object definitions for the user interface User interface navigation Forms for the user interface Statistics in One Identity Manager Extending the Launchpad Task definitions for the user interface Applications for configuring the user interface Icons and images for configuring the user interface Using predefined database queries
Localization in One Identity Manager Process orchestration in One Identity Manager
Mapping processes in One Identity Manager Setting up Job servers
The One Identity Manager Service functionality Tracking changes with process monitoring Conditional compilation using preprocessor conditions Scripts in One Identity Manager
Visual Basic .NET scripts usage Notes on message output Notes on using date values Tips for using PowerShell scripts Using dollar ($) notation Using base objects Calling functions Pre-scripts for use in processes and process steps Using session services Using #LD notation Script library Support for processing scripts in the Script Editor Creating and editing scripts in the Script Editor Copying scripts in the Script Editor Testing scripts in the Script Editor Testing script compilation in the Script Editor Overriding scripts Permissions for running scripts Editing and testing script code with the System Debugger Extended debugging in the Object Browser
One Identity Manager query language Reports in One Identity Manager Adding custom tables or columns to the One Identity Manager schema Web service integration One Identity Manager as SCIM 2.0 service provider Processing DBQueue tasks One Identity Manager Service configuration files

Parallel processing of processes by the One Identity Manager Service

The One Identity Manager Service enables parallel processing of process steps because it can create several instances of process components. You specify for each process component and its process tasks on an individual basis whether parallel processing of process steps is possible.

Parallelization is affected by the following properties of the process components and process tasks.

  • Maximum number of valid instances of one process task (JobTask.MaxInstance)

    Permitted values are:

    • -1: All instances of this process task are processed sequentially. Other process task instances of the same process component are not run simultaneously.

    • 0: The maximum number of instances given for the process component is used.

    • 1 or greater: The exact number of instances of a process task, which are processed simultaneously.

  • Maximum number of valid instances of one process component (JobComponent.MaxInstance)

    The value is only used if the maximum number of instances of a process task is set to 0. Otherwise, the value applies that is set for the process task.

    Permitted values are:

    • -1: All instances of this process component are processed sequentially.

      It must be ensured that these components are run exclusively on one Job server, which means no other queue can exist to process these components.

    • 0: All instances of this process component can be processed simultaneously.

    • 1 or greater: The exact number of instances of a process component, which are processed simultaneously.

  • Specifies whether it is necessary to run one process task per object (JobTask.IsExclusivePerObject)

    If this option is enabled in a process task, only one process step with this process task can be run for a specific object. There is no parallel processing.

Related topics

Running external processes with the StdioProcessor

The exe type of a process task defines whether processing takes place within the One Identity Manager Service or in an external process. If a process task is going to run in an external process, the StdioProcessor StdioProcessor) is started on an external slot. After the external process has run, it remains available for further runs until one of the following conditions occurs:

  • No further process step has been started for the past 30 seconds.

  • The maximum reusage count has been reached according to the One Identity Manager Service configuration.

    The One Identity Manager Service configuration uses the value in the Max. external processor reusage count (MaxExternalSlotReuse) as the maximum reusage count. The default value is 100. For more information, see JobServiceDestination.

  • The process step has the returns the return code ErrorAndTerminate.

Related topics

Configuring the One Identity Manager Service

A Job provider function makes a Job destination process step available within the One Identity Manager Service. The Job destination function handles the process steps and returns a result to the Job provider. The Job provider evaluates the result.

The combination of a Job provider on one server and a Job destination on another server is called a "Job gate". The Job provider and Job destination are configured within the Jobgate such that they can communicate with each other.

Figure 26: Example of the One Identity Manager Service configuration

Table 96: One Identity Manager Service provider
Provider

Description

MSSQLJobProvider

The MSSQLJobProvider retrieves the process steps from the One Identity Manager database under SQL Server and sends them to a Job destination.

FileJobProvider

In the FileJobProvider, process requests and results are read from and written to files. These files can be processed by the FileJobGate (FileJobDestination or FTPJobDestination). The data is transferred using these files.

FTPJobProvider

The FTPJobProvider is based on the function of the FileJobProvider. In the FTPJobProvider, process requests and results are read from and written to files. After the files have been created in the local directory, the FTPJobProvider connects to the FTP server and transfers the files to the server. A connection is also made to the FTP Server when it gets a signal and the data is collected.

HTTPJobProvider

The HTTPJobProvider receives process steps from a parent Job server. The data transfer is via HTTP or HTTPS.

AppServerJobProvider

The AppServerJobProvider retrieves the process steps from the application server and sends them to a Job destination.

Table 97: One Identity Manager Service Job destinations
JobDestination Description

JobServiceDestination

The JobServiceDestination is the One Identity Manager Service component that performs the actual handling of process steps. It requests the process steps from the Job provider, processes them with the process component and returns the result.

FileJobDestination

The FileJobDestination handles the process steps provided by the FileJobGate (FileJobProvider or FTPJobProvider) and returns the results to the Job provider.

FTPJobDestination

The FTPJobDestination handles the process steps provided by the FileJobGate (FileJobProvider or FTPJobProvider) and returns the results to the Job provider.

HTTPJobDestination

The HTTPJobDestination sends process steps to a child Job server. The data transfer is via HTTP or HTTPS.

Table 98: One Identity Manager Service Jobgates
Jobgate Description

HTTPJobGate

Consisting of HTTPJobProvider and HTTPJobDestination.

FileJobGate

Consisting of FileJobProvider, FileJobDestination, FTPJobProvider and FTPJobDestination. JobProvider and JobDestinations can be combined with each other.

Figure 27: Example FileJobGate configuration

Detailed information about this topic

One Identity Manager Service configuration files

You configure One Identity Manager Service and its plug-ins using a configuration file. The file has to reside in the same directory as the file viNetworkService. The configuration file is necessary both for One Identity Manager Service on a windows based operating system and for the Linux daemon.

Two configuration file formats are supported:

  • Jobservice.cfg

    Jobservice.cfg is an XML configuration file with its own format. The advantage of this file is that run-time loading is supported.

  • viNetworkService.exe.config

    The viNetworkService.exe.config file is the default configuration file for .NET exes and has the specified format.

The system initially searches for the parameter in the configuration file Jobservice.cfg in order to determine the setups. If the parameter is not found, the file viNetwordService.exe is automatically used. Thus the One Identity Manager Service can only work with the configuration file viNetworkService.exe.config.

In the Designer, configure the One Identity Manager Service in the Base data > Installation > Job server category or by using the Job Service Configuration program.

There is one unique section in the file for each of the different modules in One Identity Manager Service.

Table 99: One Identity Manager Service modules
Module Description

Process collection

Specify the Job provider in this module.

JobDestination

In this module, you specify the job destination.

Configuration

Standard configuration settings for One Identity Manager Service are in this module.

LogWriter

This module writes One Identity Manager Service messages to a log file.

Request dispatcher

Use this module to configure the One Identity Manager Service as a dispatcher. The process requests from the child Job server are buffered, processed, and forwarded.

Connection

With this module you can set special configuration settings for the behavior of the One Identity Manager Service.

HTTP authentication module

Use this module to specify how authentication works on an HTTP server so that extended services can be accessed, for example, displaying the log file or the status display.

Plug-ins

Specify which plug-ins should be installed in this module.

File with the private key.

In this module, you provide the data for files with a private key. Use this module if you are working with more than one private key.

Detailed information about this topic
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating