Chat now with support
Chat with Support

Identity Manager 8.0 - Configuration Guide

One Identity Manager Software Architecture Working with the Designer Customizing the One Identity Manager Default Configuration Checking Data Consistency Compiling a One Identity Manager Database Working with Change Labels Basic System Configuration Data
One Identity Manager Authentication Module Database Connection Data Configuration Parameters for System Configuration Setting up the Mail Notification System Enabling More Languages for Displaying and Maintaining Data Displaying Country Information Setting Up and Configuring Schedules Password Policies in One Identity Manager Reloading Changes Dynamically TimeTrace Databases Machine Roles and Server Functions Files for Software Update Operating Systems in Use System Configuration Reports Using Predefined Database Queries Managing Custom Database Objects within a Database
The One Identity Manager Data Model Granting One Identity Manager Schema Permissions Working with the User Interface
Object definitions for the User Interface User Interface Navigation Forms for the User Interface Statistics in the One Identity Manager Extending the Launchpad Task Definitions for the User Interface Applications for Configuring the User Interface Icons and Images for Configuring the User Interface Language Dependent Data Representation
Process Orchestration in One Identity Manager
Declaring the Job Server One Identity Manager Service Configuration Handling Processes in the One Identity Manager
Tracking Changes with Process Monitoring Conditional Compilation using Preprocessor Conditions One Identity Manager Scripts Maintaining Mail Templates Reports in the One Identity Manager Custom schema extensions Transporting One Identity Manager Schema Customizations Importing Data Web Service Integration SOAP Web Service One Identity Manager as SPML Provisioning Service Provider Searching for Errors in the One Identity Manager Processing DBQueue Tasks One Identity Manager Configuration Files

Scheduled Maintenance Tasks

Some calculation tasks for the DBQueue Processor are scheduled. There are schedules set up for these maintenance tasks, which you can customize as required. It is recommended to run maintenance task outside main working hours of the connected clients.

Table 371: DBQueue Processor Maintenance Tasks
Task

Schedule

Execution
Reduce size of change entries

Reduce logs

Daily

Reduce size of process tracking logs

Reduce logs

Daily

Purge dynamic users

Reduce logs

Daily
Reduce size of process log entries

Reduce logs

Daily
Reduce size of process history

Reduce logs

Daily
Reduce size of database journal

Reduce logs

Daily
Populate calendar

Daily maintenance tasks

Daily
Lock table statistics

Daily maintenance tasks

Daily
Calculate table statistics

Daily maintenance tasks

Daily
Calculate statistics for data contents

Weekly maintenance tasks

Weekly
Related Topics

One Identity Manager Configuration Files

One Identity Manager Configuration Files

General configuration settings can be preset in a configuration file. The configuration file is kept in the program directory. Each administration tool can take its settings from a configuration file in NET executable format. Valid global configuration settings can also be defined through a configuration file in One Identity Manager's own format.

Detailed information about this topic

Globallog.config

Configuration setting for logging messages are made by NLog in Globallog.config. Globallog.config is referenced in the One Identity Manager component's configuration files.

IMPORTANT: The settings for globallog.config are gloabl for all One Identity Manager components. Use the application specific configuration file *.exe.config to customize individual components.

Use variables to define names, output path and layout of the log files. Output destinations for the messages are specified in the "targets" section. NLog already has predefined targets that you can use in the configuration file. Use the "rules" section to specify rules for logging messages. For an exact description and functionality of NLog, see the online help (http://nlog-project.org/).

In the One Identity Manager default installation, the log files are written to the directory %LocalAppData%\One Identity\One Identity Manager\<appName> under the name <appName>.log, where appName is the name of the One Identity Manager component. All messages with a minimum information level of "info", are recorded in the <appName>.log. The files are kept for 7 days and backed up daily. All messages with the information level "fatal" are additionally recorded in the event log for the source One IdentityOne Identity Manager <appName>.

The variable appName is defined in the One Identity Manager component's configuration files.

Example of file structure

<nlog autoReload="true" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

<variable name="companyName" value="One Identity"/>

<variable name="productTitle" value="One Identity Manager"/>

<variable name="logBaseDir" value="${specialfolder:LocalApplicationData}/${companyName}/${productTitle}/${appName}"/>

<variable name="layout" value="${longdate} ${level:upperCase=true} (${logger} ${event-context:item=SessionId}) : ${event-context:item=Indention}${message} ${exception:format=ToString,StackTrace}" />

<targets async="true">

<default-wrapper xsi:type="BufferingWrapper" bufferSize="256" flushTimeout="2000" />

<target name="logfile" xsi:type="File" fileName="${logBaseDir}/${appName}.log" layout="${layout}" encoding="utf-8"

archiveFileName="${logBaseDir}/${appName}.{#}.log" maxArchiveFiles="7" archiveEvery="Day" archiveNumbering="Rolling"/>

</targets>

<targets>

<target name="eventLog" xsi:type="EventLog" source="${companyName} ${productTitle} ${appName}" layout="${message}${newline}${exception:format=tostring}"/>

</targets>

<rules>

<logger name="*" minlevel="Info" writeTo="logfile"/>

<logger name="*" level="Fatal" writeTo="eventLog"/>

</rules>

</nlog>

You can enter the severity level through:

  • minlevel= Messages are logged from this severity level.
  • level= Message are logged which have exactly this severity level.
Table 372: Permitted Severity Levels
Severity Level Description
Trace Logs highly detailed information. This setting should only be used for analysis purposes. The log file quickly becomes large and cumbersome.
Debug Logs debug steps. This setting should only be used for testing.
Info Logs all information.
Warning Logs all warnings.
Error Logs all error messages.
Fatal Logs all critical error messages.

By providing logger name, you specify for which One Identity Manager components messages are logged. Messages are logged for all components with the default setting logger name="*". To limit logs to certain components, use the name contained in the log.

Table 373: Component Logger Name
Logger name Description
FrontendLog Logs actions in front-ends.
JobGenLog Logs during process generation.
Jobservice Logs One Identity Manager Service messages.
ObjectLog Logs object actions through the object level.
ProjectorEngine Logs messages from the synchronization engine.
SqlLog Logs database queries
StopWatch

Logs timings.

SyncLog Logs actions within synchronization.
SystemConnection Detailed logging of data communication with the system connection during synchronization, including system configuration and system connectors' data communication.
SystemConnector Logs system connector data communication during synchronization.
Update Logs update handling.
WebLog Logs Web service actions.
Related Topics

*.exe.config

NOTE: Use the configuration file globallog.config for global setting that apply to all One Identity Manager components.

The One Identity Manager components, for example Manager or Designer, have a configuration file for .NET executable’s with a predefined format for this. The text is case sensitive. There is a configuration section in the file for each of the different modules of a One Identity Manager component.

The root in the XML file is always called configuration. All other sections of the configuration file must be in the mandatory section configSections and their type must be defined.

Format of the Configuration File using .exe.config as an Example

<?xml version="1.0" encoding="utf-8" ?>

<configuration>

<configSections>

<section name="formprovider" type="System.Configuration.NameValueSectionHandler" />

<section name="formarchives" type="System.Configuration.NameValueSectionHandler" />

<section name="vicontrols" type="System.Configuration.NameValueSectionHandler" />

<section name="connectionbehaviour" type="System.Configuration.NameValueSectionHandler" />

<section name="dialogplugins" type="System.Configuration.NameValueSectionHandler" />

<section name="consistencychecks" type="System.Configuration.NameValueSectionHandler" />

<section name="nlog" type="NLog.Config.ConfigSectionHandler, NLog"/>

</configSections>

<dialogplugins>

<add key="ComplianceRuleSimulation" value="VI.DialogEngine.Plugins.ComplianceRuleSimulation, AE.DialogEngine.Plugins" />

<add key="ComplianceRuleSimulationSummary" value="VI.DialogEngine.Plugins.ComplianceRuleSimulationSummary, AE.DialogEngine.Plugins" />

</dialogplugins>

<consistencychecks>

<add key="AE" value="VI.ConsistencyChecks.AE.dll" />

<add key="Common" value="VI.ConsistencyChecks.Common.dll" />

</consistencychecks>

<formarchives>

<add key="Forms" value="archive:.\???.Forms*.vif;10" />

<add key="CustomForms" value="archive:.\AE.CustomForms.*.vif;5" />

<add key="CommonForms" value="archive:.\Common.Forms*.vif;5" />

</formarchives>

<vicontrols>

<add key="defaultcontroldesign" value="System" />

</vicontrols>

<nlog autoReload="true" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

<variable name="appName" value="Manager"/>

<include file="${basedir}/globallog.config" ignoreErrors="true"/>

</nlog>

</configuration>

Related Topics
Related Documents