One Identity Manager Software Architecture
Working with Objects in One Identity Manager
Inserting, Modifying and Deleting Objects in One Identity Manager
Working with the Designer
General Information about the Program
Menu Items
Views in the Designer
Customizing Program Settings
Using Help
Limiting List Sizes
Searching for List Entries
Using the Designer's Own Full-Text Search
Using User Defined Filters for Searching
Making and Committing Changes to Objects
The Designer Editors
Working with the Object Editor
Working with the List Editor
Customizing the One Identity Manager Default Configuration
Checking Data Consistency
Menu Items
Functions in the Result List
Result List Configuration
Multiple Editing of List entries
Displaying Object Relations
Working with the SQL Editor
Support for Scripting
Working with the Consistency Editor
Starting the Consistency Check
Recording Test Results
Repairing Errors
Compiling a One Identity Manager Database
Working with Change Labels
Creating Change Labels
Displaying Contents of a Change Label
Booking Changes to a Change Label Retrospectively
Basic System Configuration Data
One Identity Manager Authentication Module
Database Connection Data
The One Identity Manager Data Model
Database Connection Properties
Configuring a One Identity Manager Database for Testing, Development or Production
Configuration Parameters for System Configuration
Setting up the Mail Notification System
Enabling More Languages for Displaying and Maintaining Data
Displaying Country Information
Working in Different Time Zones
Determining Working Hours
Editing Countries
Editing States
Modifying Public Holidays
Setting Up and Configuring Schedules
Password Policies in One Identity Manager
Predefined Password Policies
Editing Password Policies
Custom Scripts for Password Requirements
Restricted Passwords
Testing a Password
Testing Generating a Password
Assigning a Password Policy
Reloading Changes Dynamically
TimeTrace Databases
Machine Roles and Server Functions
Files for Software Update
Importing New Files into a One Identity Manager Database
Exporting Files from a One Identity Manager Database
Configuring Files
Operating Systems in Use
System Configuration Reports
Using Predefined Database Queries
Managing Custom Database Objects within a Database
Basics of the Data Model
General Advice for Editing Table and Column Definitions
Working with the Schema Editor
Mapping Table Definitions
Granting One Identity Manager Schema Permissions
Table Properties
Working with Module Globally Unique Modifiers
Table scripts
Database Views of Type "View"
Database Views of Type "Union"
Database Views of Type "Proxy"
Database Views of Type "Read-only"
Mapping Column Definitions
Column Properties
Templates
Mapping Table Relations
Supporting File Groups
Editing Value Templates
Example of Local Value Templates within an Object
Example of Value Templates across Objects
Formats for Checking Values
Permitted Column Values
Mapping Dynamic Foreign Keys
Column Dependencies for Setting Values
Configuring Columns for Full-Text Search
Predefined Permissions Groups and System Users
Editing Permissions Groups and System Users
Working with the User Interface
Working with the User & Permissions Group Editor
Permissions Group Dependencies
Copying Permissions Groups
Manually Creating Permissions Groups
Permissions Groups Properties
Editing System Users
Adding a System User to Permissions Groups
Dynamic system user
Which Employees Use System Users?
Editing Permissions for One Identity Manager Schema Tables and Columns
Rules for Finding Valid Permissions for Tables and Columns
Working with the Permissions Editor
Availability of Certain Functionality
Displaying Permissions for an Object
Displaying the Current User's Permissions
Menu Items
Views in the Permissions Editor
Functions in the Permissions Edit View
Filtering Entries in the Permissions Editor
Granting Permissions for Tables
Granting Column Permissions
Object definitions for the User Interface
Process Orchestration in One Identity Manager
Selection Criteria for Object Definitions
Using Display Text for Object Definitions
Working with Object Definitions
User Interface Navigation
Navigation View Elements
Recommendations for Editing Menu Navigation
Working with the User Interface Editor
Editing Menu Items
General Menu Item Properties
Creating Database Queries for Data Dependent Menu Items
Editing Lists
Using Links
Using Variables
Forms for the User Interface
Recommendations for Editing Forms
Working with the Form Editor
Editing Interface Forms
Statistics in the One Identity Manager
User Interface Form Properties
Form Definitions and Form Templates
Effects of Object Definitions when Displaying Interface Forms
Features of the Assignment Form
Forms for Custom Extensions
Custom Master Data Forms
Configuration Data for Displaying Many-to-Many and Object Relations on Forms
Replacing Default Forms with Custom Forms
Working with Overview Forms
Working with Statistic Definitions
Linking Statistics into the User Interface
Diagram Types for Visualizing Statistics
Examples of Statistic Definitions
Extending the Launchpad
Task Definitions for the User Interface
Applications for Configuring the User Interface
Icons and Images for Configuring the User Interface
Language Dependent Data Representation
Declaring the Job Server
Tracking Changes with Process Monitoring
Working with the Job Server Editor
Editing a Job Server
One Identity Manager Service Configuration
Job Server Properties
Server Functions of a Job Server
Job Server Machine Roles
Job Server Statistic Information
Installing the One Identity Manager Service on the Job Server
Customizing the One Identity Manager Service Configuration for a Job Server
One Identity Manager Service Configuration Files
Process Collection Module
Handling Processes in the One Identity Manager
MSSQLJobProvider
OracleJobProvider
FileJobProvider
FTPJobProvider
HTTPJobProvider
AppServerJobProvider
The Jobdestination Module
The Configuration Module
The Logwriter Module
The Dispatcher Module
The Connection Module
The HTTP Authentication Module
The Plug-ins Module
HTTPLogPlugin
ScheduleCommandPlugin
DBSchedulerWatchDogPlugin
RequestWatchDogPlugin
PerformanceCounterPlugin
DebugMailPlugin
ShareInfoPlugin
RemoteConnectPlugin
Module File with Private Key
Working with the Process Editor
Defining Processes
Creating and Editing Processes
Executing Processes Automatically
Process Components
Properties for a Process
Using Process Specific and Global Variables for the Process Definition
Thresholds for Handling Processes
Creating and Editing Events
Creating and Editing Process Steps
Process Step Parameters
Searching for a Process Step within a Process
Comparing Processes
Exporting and Importing Processes
Simulating Process Generation
Checking the Validity of a Process
Compiling a Process
Basics for Process Monitoring
Logging Data Changes
Logging Process Information during Process Handling
Recording Messages in the Process History
Process Tracking for DBQueue Processor Operations
Archiving and Deleting Recordings
Conditional Compilation using Preprocessor Conditions
Preprocessor Relevant Configuration Parameters
Preprocessor Conditions in Objects
Preprocessor Conditions in VB.Net Expressions
Evaluation of Preprocessor Conditions during Compilation
One Identity Manager Scripts
Using Scripts
Message Output
Implementing Dates
Using Dollar ($) Notation
Maintaining Mail Templates
Reports in the One Identity Manager
Accessing Local Object Columns
Accessing Object Columns Connected by a Relation
Accessing the Old Column Value
Accessing Column Display Values
Accessing References in Comments
Accessing Local Object Meta Values
Using base. Object
Calling Functions
Pre-scripts for using in Processes and Process Steps
Using Session Services
Querying Configuration Parameters
Testing the Existence of Certain Database Entries
Querying Session Object Global Variables
Using #LD Notation
Scripts in the Script Library
Working with the Script Editor
Editing Scripts
Overriding Scripts
Testing Script Compilation
Testing a Script with the Script Editor
Testing Scripts with the System Debugger
Working with the Report Editor
Creating and Editing Reports
Custom schema extensions
General Report Properties
Creating a Data Source
Example of a Simple Report with Data Grouping
Translating Reports
Linking Reports into the User Interfaces
Data Retrieval using an SQL Query
Data Retrieval using a Database View
Data Retrieval using an Object
Data Retrieval using Single Object History
Data Retrieval using Multiple Object History
Data Retrieval using Historical Assignments
Data Query for Simulation Data
Editing Report Parameters
Using Virtual Data Sources
Editing the Report Form
Creating a New Table
Extending a Table
Defining Columns
Transporting One Identity Manager Schema Customizations
Creating a Simple Column
Creating a Foreign Key Column
Creating New Columns for Database Views
Configuring Column Properties
Creating a Read-Only Database View
Creating a Union View
Creating New Assignments Tables
Creating Indexes
Permissions for Schema Extensions
Specifying Change Labels for Schema Extensions
Adding Schema Extensions
Adding in Custom Extensions to the User Interface
Basics for Transport of One Identity Manager Schema Modifications
Creating a Transport Package with the Database Transporter
Importing Data
Transporting SQL Statements
Transporting Favorite Objects
Transport by Change Label
Transport by Change Information
Transporting Schema Extensions
Transporting Selected Objects and their Dependencies
Transporting System Configuration
Transporting System Files
Displaying Contents of a Transport Package
Importing a Transport Package with the Database Transporter
Displaying Transport History
Importing Data from CSV Files
Importing Data from a Database
Import Configuration
Web Service Integration
Assigning Target Tables and Columns
Assigning Target Columns with the Assignment Wizard
Specifying the Hierarchy
Options for Handling Records
Specifying Connection Variables
Importing Data
Using Import Definition Files
Binding a Web Service
SOAP Web Service
Generic Web Service Call
Direct Web Service Call
Self-Defined Web Service Call
Creating a Web Service Solution with the Web Service Integration Wizard
Changing a Web Service Solution
Deleting a Web Service Solution
Installing and Configuring the SOAP Web Service
One Identity Manager as SPML Provisioning Service Provider
Installing the SOAP Web Service
Configuring the SOAP Web Service
Displaying the Status of a SOAP Web Service
Uninstalling the SOAP Web Service
Examples of Calls
SPML Web Service
Installing and Configuring SPML Web Services
Configuring the One Identity Manager Schema
Testing SPML Web Service Functionality
Searching for Errors in the One Identity Manager
Monitoring Process Handling with Job Queue Info
Processing DBQueue Tasks
Working with Job Queue Info
Job Queue Info Views
Monitoring Process Execution
Error Messaging in the Error Message Window
Displaying Messages in the Error Log View
Logging Messages in the Database Journal
Writing the One Identity Manager Log
One Identity Manager Service Logging
Displaying Details of Process Handling
Displaying Details of Process Step Handling
Displaying Details of a Process Step Parameter
Reinstating Process Steps and Processes
Enabling Extended Logging of Process Steps
Determining the State of the Server
Displaying Entries in the DBQueue
Displaying Messages in the Database Journal
Displaying the Job Queue Sequence
Stopping the System (Emergency Stop)
Configuring the One Identity Manager Service Log File
Advanced Logging in the One Identity Manager Service
Displaying the One Identity Manager Service Log File
Extended Debugging in the One Identity Manager Service
Output of Extended Return Values from Individual Process Components
Outputting Custom Messages in the One Identity Manager Service Log File
Logging Messages in the Event View
HTTPLogPlugins Log File
Displaying One Identity Manager Application Server Status
Configuring the DBQueue Processor for Test and Development
Initializing the DBQueue Processor
Controlling Processing of DBQueue Processor Tasks
Processing DBQueue Processor Tasks
Reactivating DBQueue Processor Tasks
Bulk Processing in DBQueue Processor
How the Central Dispatcher Communicates with Individual Slots
Scheduled Maintenance Tasks
One Identity Manager Configuration Files
General Information about the Program
During the startup process the Designer fills an internal database. SQLite is used for the database system. This internal database contains the schema and files from the system part of the connected One Identity Manager database.
Depending on the program’s configuration, the internal database is either loaded into main memory or copied to the hard drive of the workstation. To avoid data inconsistencies, only one instance of the program should be started per database. If the database from the first instance is copied to hard disk then the databases for all other instances are loaded into main memory.
All changes to objects in the program are made in the internal database. Rights, formatting rules and side-effects of the Customizer are taken into consideration. Changes made by the user are recorded in a change log. If the internal database is stored on the hard drive, all additional changes are also logged to this database. This means that you can restore to the last working state after connecting to the database if the program crashes.
When the data is transferred all recorded changes are made to the One Identity Manager database. This is done at object level so that, for example, processes are generated and formatting rules are observed. The principle "last writer wins" applies here as opposed to the previous object processing. That means that changes have been made by a user to object properties in the mean time are overwritten.
Depending on the program settings, the internal database is deleted from the hard drive when the program has finished. This means that all the data has to be loaded from the One Identity Manager database when the program is restarted. If the internal database is not deleted when the program finishes, the next program start up can be accelerated because only changes from the One Identity Manager that is connected have to be loaded.
Menu Items
| Menu | Menu Item | Meaning | Key Combination | |
|---|---|---|---|---|
| Database | New connection... | Creates a new database connection. | Ctrl + Shift + N | |
| Save to database... | Displays the change log.Changes to the data can be saved to the One Identity Manager database. | CTRL + SHIFT + S | ||
| Reload data | Data is reloaded from the One Identity Manager database. | |||
| Compile database... | Starts the Database Compiler. |
CTRL + SHIFT + B | ||
| Change management... | Opens a dialog box for editing change labels. | |||
| Check data consistency... | Opens the Consistency Editor. This item is available when the logged in user is authorized to use this functionality. | |||
| Run SQL editor... | Starts the SQL editor. This item is available when the logged in user is authorized to use this functionality. | |||
| Change password... | Changes current user’s password. | |||
| Settings... | For configuring program settings. | |||
| Exit | Exits the program. | Alt + F4 | ||
| View | Navigation | Activates the navigation view. | CTRL + Q | |
| Task | Shows/hides task field. | Ctrl + T | ||
| Error log | Shows/hides the error log. | Ctrl + E | ||
|
Object import |
Shows/hides the view for objects to be imported. |
CTRL + I | ||
| Search | Shows/hides search dialog box. | CTRL + SHIFT + F | ||
| Close current document | Closes the current document. | |||
| Close all documents | Closes all documents that are open in the document view. | |||
| Activate document | Shows all open documents in a selection list. | |||
| Layout | Restores the default layout of the program’s graphical interface. You can save layouts and load them again. | |||
| Enable quick edit mode | Activates/deactivates quick edit mode. | |||
| Help | Community |
Opens the One Identity Manager community website. |
||
| Support Portal |
Opens the One Identity Manager product support website. |
|||
| Training |
Opens the One Identity Manager training portal website. |
|||
| Online documentation |
Opens the One Identity Manager documentation website. |
|||
| Search... |
Opens the search dialog box. |
|||
| Help for the Designer |
Opens program help.
|
F1 | ||
| transport history | Display a chronological list of migration, imports and exports of transport packages | |||
| Info... | Shows the version information for program. |
| Icon | Meaning |
|---|---|
 |
Saves changes to the One Identity Manager database. |
 |
Shows the previous object in the order that the forms were viewed (object history). |
 |
Shows next object in the order they have already been viewed (object history). |
 |
Database column help. Clicking on the help icon changes the cursor into the help icon. Then when you click on a column description, tips for using the column are displayed in the form of tooltips. |
 |
Prints the edit view. Printer settings are configured in the configuration menus. |
Views in the Designer
Views in the Designer
The following views are displayed in the Designer: There are several editors used for editing data. Their functionality and methods are tailored to the different configuration tasks.
| View | Description | ||
|---|---|---|---|
| Navigation Overview | The navigation structure of the user interface is hierarchical and allows users to drill down to the selection of an object definition. The top level of the hierarchy is used to classify One Identity Manager data into specified categories. | ||
| Document view |
Overview forms and selected editors are displayed in the document view. When an object is selected in the navigation view, the corresponding overview form is displayed.
| ||
| Task view | When an object is selected in the navigation view, the available editors are displayed together with their executable tasks. The relevant editor is opened in the document view when the object is selected. | ||
| Error log | The program’s error log displays all warnings and error messages that have occurred since the program started up. When the Designer restarts, the error log is reinstalled. | ||
| Change log | Changes made by the user are recorded in the change log. | ||
| Change label | In this view, change labels are created and edited. |
Related Topics
Customizing Program Settings
To change the program settings
- Select Database | Settings... from the menu.
|
|
NOTE: General configuration setting are preset in the configuration file Designer.exe.config. In addition, globally valid configuration settings are defined using a configuration file in One Identity’s own format. The configuration files are stored in the program directory. |
User settings
Enter the program settings for the user on the User tab. These settings are stored in the One Identity Manager database user configuration.
| Setting | Meaning |
|---|---|
| Clear local cache | Click this button to empty the local cache directory %LocalAppData%\One Identity\One Identity Manager\Cache. |
| Show balloon help | Specifies whether speech bubbles, which provide information about program functionality, are shown in the program. |
| Show large images in the navigation | Specifies whether large or small icons are shown next to the categories in navigation. |
| Show additional icons | Specifies whether icons are shown in the task list in addition to the descriptions. |
| Use single clicks | Specifies whether objects are selected from the result list with a double click or a single click. |
| Visible root nodes | Number of categories shown in the navigation at start up. Changes become effective after a restart. |
| Enable quick edit mode |
Specifies whether quick editing is enabled. By default, an object‘s overview form is displayed first. You can, however, configure the program to show the edit form for the object first, which allows faster editing. In order to do this quick edit mode has to be enabled. Quick edit mode is indicated by an additional icon in the program’s status bar. |
| Show "Getting Started" | Depending on the setting, the category Getting Started is shown or hidden. |
| Show system data | By setting this option you display comprehensive system information such as system tables, script occurrences, preprocessor dependencies. |
| Enable list limit | Specifies whether the number of elements shown in the result list and list items in controls should be limited. |
| Use system settings | If the option Enable list limit is set, the number of elements has to be entered. There is a choice between the global system setting or the users own setting. |
| Objects | Number of object for your personal list limit. If the number of results is greater than the defined number a filter dialog is opened. |
| Form history length | Number of forms available to browse through in the form history. You find the form history in the menus attached to the <Back> and <Forward> buttons in the main toolbar. |
| Search history | Number of entries available in the search history. |
General Program Settings
Enter general program settings on the Application tab. These settings are saved in the registry database on the workstation.
| Setting | Meaning | ||
|---|---|---|---|
| Culture |
Language selection. The initial program login uses the system language for the user interface. Changes to the language settings take effect after the program has been restarted. The language is set globally for all One Identity Manager programs which means that the language setting does not have to be configured for each program individually. | ||
| Show additional navigation information |
If this option is set, additional navigation information for separate interface components is shown.
| ||
| Load all system data at program startup | If this option is not enable, only the tables that are absolutely necessary are loaded when the Designer starts. The rest of the table are loaded in background and the user can already start using the program. The progress of the filling procedure is shown in the program’s status bar. If this option is enabled, all tables are loaded when the program starts. The user cannot start using the program until all the tables have been loaded. The changes take effect once the Designer has restarted. | ||
| Load BLOB fields from database at program start | If this option is not enabled, the contents of the binary fields is not loaded until needed. If the option is enable, this data is already loaded at program startup. The means that program startup takes longer. The changes take effect once the Designer has restarted. | ||
| Save database locally | If this option is enable the internal database is not deleted when the program ends. This accelerates restarting the program the next time since only the changes connected with the One Identity Manager database need to be reloaded. If the option is not enabled the internal database is deleted from the hard disk when the program ends. This means that all the data has to be loaded from the One Identity Manager database when the program is restarted. | ||
| Use RAM to store system data (no crash recovery) | If this option is not enable, the internal database is saved on the workstation hard disk. If the option is enabled, the internal database is loaded into the workstation’s RAM. In this case the database cannot be restore if the program crashes. The changes take effect once the Designer has restarted. | ||
| Database directory | If the option Save database locally is set, the database is stored in the directory %LocalAppData%\One Identity\One Identity Manager\Designer\Cache. You save the database somewhere else by selecting another database directory. |