Chat now with support
Chat with Support

Identity Manager 8.0 - Configuration Guide

One Identity Manager Software Architecture Working with the Designer Customizing the One Identity Manager Default Configuration Checking Data Consistency Compiling a One Identity Manager Database Working with Change Labels Basic System Configuration Data
One Identity Manager Authentication Module Database Connection Data Configuration Parameters for System Configuration Setting up the Mail Notification System Enabling More Languages for Displaying and Maintaining Data Displaying Country Information Setting Up and Configuring Schedules Password Policies in One Identity Manager Reloading Changes Dynamically TimeTrace Databases Machine Roles and Server Functions Files for Software Update Operating Systems in Use System Configuration Reports Using Predefined Database Queries Managing Custom Database Objects within a Database
The One Identity Manager Data Model Granting One Identity Manager Schema Permissions Working with the User Interface
Object definitions for the User Interface User Interface Navigation Forms for the User Interface Statistics in the One Identity Manager Extending the Launchpad Task Definitions for the User Interface Applications for Configuring the User Interface Icons and Images for Configuring the User Interface Language Dependent Data Representation
Process Orchestration in One Identity Manager
Declaring the Job Server One Identity Manager Service Configuration Handling Processes in the One Identity Manager
Tracking Changes with Process Monitoring Conditional Compilation using Preprocessor Conditions One Identity Manager Scripts Maintaining Mail Templates Reports in the One Identity Manager Custom schema extensions Transporting One Identity Manager Schema Customizations Importing Data Web Service Integration SOAP Web Service One Identity Manager as SPML Provisioning Service Provider Searching for Errors in the One Identity Manager Processing DBQueue Tasks One Identity Manager Configuration Files

Reloading Changes Dynamically

Table 68: Configuration Parameter for Reloading Changes
Configuration parameter Meaning
Common\CacheReload Checks for values to be reloaded in the DialogSemaphor table.
Common\CacheReload\Interval This parameter defines a time interval in seconds after which the values in the table DialogSemaphor are checked during access. This parameter is only evaluated when the parameter "Common\CacheReload\Type" is set to "TIMER".
Common\CacheReload\Type This parameter defines which method is used to check the validity of the cached data.

Permitted values are:

  • ALWAYS (check every access)
  • NEVER (never check)
  • TIMER (check after time interval)

Cached system data can be dynamically reloaded if it has changed. The changes are reloaded automatically in background. An exception to this are changes that effect the character of the user interface. These changes are only reloaded after requesting confirmation from the user. The semaphore is incremented when changes are made. The semaphore is calculated when the DBQueue Processor is run.

Which columns are reloaded is defined in the data model . You can find an overview of the semaphore in the category Base data | Advanced | Semaphore in the Designer.

  • To reload data after changes to a column, the column must be assigned to the semaphore.
  • To reload data after inserting or deleting in a table, the primary column key must be assigned to the semaphore.
Table 69: Changes to Reload
Changes Semaphore
Script assembly and Customizer Assembly
Calculate column dependencies BulkdDependencies
Names, such as column headings or display text Caption
Configuration parameter Config
Countries and time zones Country
Parts of user interface Dialog
Use of special program functions Feature
Icons Image
Tables, columns, table and column identifiers, objects, tasks Model
Notification Notification
Rights and group memberships Right
Software revisions status (for software update) SoftwareRevision
Statistic definitions DashBoardDef
Statistical content DashBoardContent
Module dependencies ModuleDepend
User data stored in memory. UserDataResident
Changes to synchronization configuration DPRConfiguration
Changes to module dependencies ModuleDepend
Changes to the Web Portal configuration AEDS
Changes to predefined SQL queries LimitedSQL

TimeTrace Databases

The history databases must be declared in the One Identity Manager database if archive data is to be included in the One Identity Manager TimeTrace function. Historical data is displayed in the TimeTrace view in the Manager.

To link a History Database into a TimeTrace

  1. Select the category Base Data | General | TimeTrace databases in the Designer.
  2. Select the menu item Object | New.
  3. Enter the One Identity Manager History Database's name.
  4. Declare the Connection parameter .
    1. Open the connection data dialog box using the [...] button next to the text box.
    2. Enter the database connection data for the One Identity Manager History Database.
      Table 70: SQL Server Database Connection Data
      Data Description

      Server

      Database server.

      Windows authentication

      Specifies whether Windows authentication is used.

      This type of authentication is not recommended. If you decide to use it anyway, ensure that your environment supports Windows authentication.

      User

      Database user.

      Password

      Database user password.

      Database

      Database.

      Table 71: Oracle Database Connection Data
      Data Description
      Direct access (without Oracle client) Set this option for direct access.

      Deactivate this option for access via Oracle Clients.

      Which connection data is required, depends on how this option is set.

      Server Database server.
      Port Oracle instance port.
      Service name Service name.
      User Oracle database user.
      Password Database user password.
      Data source TNS alias name from TNSNames.ora.
    3. Click OK.
  5. Save the changes.

NOTE: Set the option Disabled to disable the connection at a later time. If a One Identity Manager History Database is disabled, it is not taken into account when determining change data in the TimeTrace.

Machine Roles and Server Functions

A machine role describes the role a computer or server assumes in a One Identity Manager system. You can give each computer or server several roles. This means, one or more machine roles can be assigned. You select machine roles when One Identity Manager components are installed.

Machine roles are structured hierarchically. If you select a machine role at installation, all parent machine are also assigned.

An example of machine role structure

Server

Job server

Active Directory

If you select the machine role "Active Directory" at installation, the additional machine roles "Job Server" and "Server" are assigned.

Some machine roles, for example, "Web" cannot be actively selected during installation. These machine roles are automatically assigned when different web applications are installed with the Web Installer.

Machine roles for installing the One Identity Manager Service are linked with server functions. The server function defines the functionality of a server in One Identity Manager. One Identity Manager processes are handled depending on the server function. The server functions available are predefined when a server installed, based on the selected machine role.

Example for the connection between machine roles and server functions.

The machine "Active Directory" is linked to the server function "Active Directory connector". Therefore, when you set up a Active Directory synchronization project after the machine role is installed, the server is available as synchronization server in One Identity Manager.

The installation packages and files to be installed on the computer or server are specified in a machine role. The information about the machine role, the installation package and the files is saved in the file InstallState.config during installation and are thus available for automatic software update.

If you import new files into the One Identity Manager database with the Software Loader, you should assign the files to a machine role. This ensures that the file are distributed by automatic software update.

To display information about machine roles

  • Select the category Base Data | Installation | Machine roles in the Designer.

To display information about server functions

  • Select the category Base Data | Installation | Server functions in the Designer.
Related Topics

Files for Software Update

All the files included in an installation of the One Identity Manager are stored in the One Identity Manager database with name, repository and executable code. The One Identity Manager tool to which each file belongs, for example the Manager or the One Identity Manager Service, is entered in the database. In order to distribute new or changed custom files, such as custom form archives, through automatic software updating, the files are loaded into the Software Loader database with the program "One Identity Manager".

NOTE: You will find detailed information about updating One Identity Manager and about how automatic software update works in the One Identity Manager Installation Guide.

Detailed information about this topic
Related Documents