Chat now with support
Chat with Support

Identity Manager 9.2.1 - Configuration Guide

About this guide One Identity Manager software architecture Customizing the One Identity Manager default configuration Customizing the One Identity Manager base configuration One Identity Manager schema basics
Overview of the One Identity Manager schema Table types and default columns in the One Identity Manager data model Notes on editing table definitions and column definitions Table definitions Column definitions Table relations Dynamic foreign key Supporting file groups
Editing the user interface
Object definitions for the user interface User interface navigation Forms for the user interface Statistics in One Identity Manager Extending the Launchpad Task definitions for the user interface Applications for configuring the user interface Icons and images for configuring the user interface Using predefined database queries
Localization in One Identity Manager Process orchestration in One Identity Manager
Mapping processes in One Identity Manager Setting up Job servers
The One Identity Manager Service functionality Tracking changes with process monitoring Conditional compilation using preprocessor conditions Scripts in One Identity Manager
Visual Basic .NET scripts usage Notes on message output Notes on using date values Tips for using PowerShell scripts Using dollar ($) notation Using base objects Calling functions Pre-scripts for use in processes and process steps Using session services Using #LD notation Script library Support for processing scripts in the Script Editor Creating and editing scripts in the Script Editor Copying scripts in the Script Editor Testing scripts in the Script Editor Testing script compilation in the Script Editor Overriding scripts Permissions for running scripts Editing and testing script code with the System Debugger Extended debugging in the Object Browser
One Identity Manager query language Reports in One Identity Manager Adding custom tables or columns to the One Identity Manager schema Web service integration One Identity Manager as SCIM 2.0 service provider Processing DBQueue tasks One Identity Manager Service configuration files

Deleting log entries in the One Identity Manager database without archiving

If records from separate sections are kept in the One Identity Manager database for a certain amount of time but are not archived later, you have the following options:

  • To exclude a certain section from archiving, do not configure it for export, just specify a retention period.

  • To delete all sections without archiving, specify a retention period. In the Designer, set the Common | ProcessState | ExportPolicy configuration parameter and enter the value NONE.

The records are deleted from the One Identity Manager database by DBQueue Processor when the retention period has ended. In addition, all entries for triggered actions are deleted if they have no corresponding records in those sections.

NOTE: If you do not specify a retention period, the records from that section are deleted from the One Identity Manager database during daily DBQueue Processor maintenance tasks.

Related topics

Specifying log retention times

Once the retention period has ended, the recorded data is either exported or deleted from the One Identity Manager database depending on which archiving method has been chosen. A longer retention period should be selected for sections whose records will be exported than for those that will be deleted.

NOTE: If you do not specify a retention period, the records in this section will be deleted daily from the One Identity Manager database within the daily DBQueue Processor maintenance tasks.

The recordings are not exported until the retention period for all sections has expired and no other active processes for the process group (GenProcID) exist in the DBQueue, process history, or as scheduled operation.

You use configuration parameters to define the data retention periods for the individual sections.

Table 124: Configuration parameter for handling change data
Configuration parameter Meaning

Common | ProcessState | PropertyLog | IsToExport

Exports the data changes. If this configuration parameter is not set the information is deleted once the retention period has expired.

Common | ProcessState | PropertyLog | LifeTime

Maximum retention period in days of logged data changes in the database. The default value is 30.

Table 125: Configuration parameter for handling process information
Configuration parameter Meaning

Common | ProcessState | ProgressView | IsToExport

Exports the data in the process information. If this configuration parameter is not set the information is deleted once the retention period has expired.

Common | ProcessState | ProgressView | LifeTime

Maximum retention period in days of process information in the database. The default value is 30.

Table 126: Configuration parameter for handling process history
Configuration parameter Meaning

Common | ProcessState | JobHistory | IsToExport

Exports the information in the process history. If this configuration parameter is not set the information is deleted once the retention period has expired.

Common | ProcessState | JobHistory | LifeTime

Maximum retention period in days of logged process history in the database. The default value is 30.

Optimizing performance by deleting log entries

If there is a large amount of data, you can specify the number of objects to delete per DBQueue Processor operation and run in order to improve performance. You use configuration parameters to make the choice for each section.

Table 127: Configuration parameters for deleting logged data changes
Configuration parameter Meaning

Common | ProcessState | PropertyLog | Delete

Allows configuration of deletion behavior for logged data changes.

Common | ProcessState | PropertyLog | Delete | BulkCount

Number of entries to be deleted in any operation. The default value is 200.

Common | ProcessState | PropertyLog | Delete | TotalCount

Total number of entries to be deleted in any processing run. The default value is 10000.

Table 128: Configuration parameters for deleting process information
Configuration parameter Meaning

Common | ProcessState | ProgressView | Delete

Allows configuration of deletion behavior for process information.

Common | ProcessState | ProgressView | Delete | BulkCount

Number of entries to be deleted in any operation. The default value is 200.

Common | ProcessState | ProgressView | Delete | TotalCount

Total number of entries to be deleted in any processing run. The default value is 10000.

Table 129: Configuration parameters for deleting process history

Configuration parameter

Meaning

Common | ProcessState | JobHistory | Delete

Allows configuration of deletion behavior for the process history.

Common | ProcessState | JobHistory | Delete | BulkCount

Number of entries to be deleted in any operation. The default value is 200.

Common | ProcessState | JobHistory | Delete | TotalCount

Total number of entries to be deleted in any processing run. The default value is 10000.

Table 130: Configuration parameters for deleting process status entries
Configuration parameter Meaning

Common | ProcessState | Delete

Allows configuration of deletion behavior for process status entries.

Common | ProcessState | Delete | BulkCount

Number of entries to be deleted in any operation. The default value is 500.

Common | ProcessState | Delete | TotalCount

Total number of entries to be deleted in any processing run. The default value is 10000.

Conditional compilation using preprocessor conditions

Conditional compiling of program code is integrated into One Identity Manager. Conditional compilation allows parts of the program code to be parsed whereas other parts remain untouched.

Conditional compiling has the following advantages:

  • Assemblies are reduced in size

  • Structures the system configuration

  • Improves clarity for the model and permissions

  • Speeds up processing

  • Hides unnecessary data in all VB.Net expressions

  • Hides unnecessary model components

Conditional compiling in One Identity Manager is controlled using preprocessor conditions. Preprocessor conditions can be used in:

  • Objects with the Preprocessor condition property.

  • VB.Net expressions

NOTE: Preprocessor conditions help stop the module being disabled. For example, SQL procedures and triggers are still run even if the objects are disabled by preprocessor conditions. To disabled a module, remove the module from the One Identity Manager database. For more information about removing modules, see the One Identity Manager Installation Guide.

Configuration parameters and their options define the possible preprocessor conditions. In order to become effective on a system-wide basis, every modification to preprocessor relevant configuration parameters as well as modifications to preprocessor conditions on objects and VB.Net expressions requires the One Identity Manager database to be recompiled.

Detailed information about this topic
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating