Chat now with support
Chat with Support

Identity Manager 8.0 - Configuration Guide

One Identity Manager Software Architecture Working with the Designer Customizing the One Identity Manager Default Configuration Checking Data Consistency Compiling a One Identity Manager Database Working with Change Labels Basic System Configuration Data
One Identity Manager Authentication Module Database Connection Data Configuration Parameters for System Configuration Setting up the Mail Notification System Enabling More Languages for Displaying and Maintaining Data Displaying Country Information Setting Up and Configuring Schedules Password Policies in One Identity Manager Reloading Changes Dynamically TimeTrace Databases Machine Roles and Server Functions Files for Software Update Operating Systems in Use System Configuration Reports Using Predefined Database Queries Managing Custom Database Objects within a Database
The One Identity Manager Data Model Granting One Identity Manager Schema Permissions Working with the User Interface
Object definitions for the User Interface User Interface Navigation Forms for the User Interface Statistics in the One Identity Manager Extending the Launchpad Task Definitions for the User Interface Applications for Configuring the User Interface Icons and Images for Configuring the User Interface Language Dependent Data Representation
Process Orchestration in One Identity Manager
Declaring the Job Server One Identity Manager Service Configuration Handling Processes in the One Identity Manager
Tracking Changes with Process Monitoring Conditional Compilation using Preprocessor Conditions One Identity Manager Scripts Maintaining Mail Templates Reports in the One Identity Manager Custom schema extensions Transporting One Identity Manager Schema Customizations Importing Data Web Service Integration SOAP Web Service One Identity Manager as SPML Provisioning Service Provider Searching for Errors in the One Identity Manager Processing DBQueue Tasks One Identity Manager Configuration Files

Making and Committing Changes to Objects

All changes to objects in the program are made in the internal database. Rights, formatting rules and side-effects of the Customizer are taken into consideration. Changes made by the user are also recorded in a change log.

To display change data

  • Select Database | Commit to database....

The entries in the change log are grouped by editor. Actions ( add, change and delete) that have been executed and changes to the object’s properties with old and new values are displayed in the log.

Table 10: Icons in the Change Log
Icon Description
Adds the object.
Deletes the object.
The object has been changed.

The following functions are available in the change log:

  • Enable or disable changes

    You can disable individual changes in the change log. These changes are not transferred to the One Identity Manager database when the data is saved. You can however, re-enable changes at a later date. You can enable or disable each change using the corresponding icon in the change log toolbar.

  • Assign change labels

    It is also possible to create a group of all the changes in the change log, under one label.

    • Select the change label from the Change label pop-up menu before you save the changes.
    • Use the context menu Special change label in the change log to assign single changes to a specific change label.

    Once the changes are saved in the One Identity Manager database, the objects that are effected are given a change label.

  • Save changes

    All changes are saved to the One Identity Manager database as specified. This is done at object level so that, for example, processes are generated and formatting rules are observed. The principle "last writer wins" applies here as opposed to the previous object processing. That means that changes made by a user to object properties in the mean time are overwritten.

Table 11: Functions in the Change Log Toolbar
Icon Description
Enables change/section.
Ignores change/section.
Edit a change label.
Specifies a default change label. This change label is used for all subsequent changes.
Related Topics

The Designer Editors

The Designer Editors

The Designer provides various editors for the One Identity Manager system configuration. The functionality and the mode of operation of the editors depends on the different configuration requirements. When an object is selected in the navigation view the editors that can be used are displayed together with the executable tasks.

Table 12: Designer Editors
Editor Description
Object Editor The Object Editor is provided for editing single objects. All properties of an object are represented in table form and can be edited depending on the permissions situation. In addition, properties such as edit permissions and column definitions are shown. For more information, see Working with the Object Editor.
List Editor The List Editor is used to display result lists and to quickly edit objects and object relations. Object properties are displayed in tabular form but there is no additional information about each property as in the Object Editor. For more information, see Working with the List Editor.
User & Permissions Group Editor The User & Permissions Group Editor is the tool that creates and edits permissions groups and system users. Each employee that logs onto One Identity Manager tools requires a system user ID. More that one employee can work with one system user. The user interface and the system user permissions are loaded during the One Identity Manager tools login. For ease of administration, system users are grouped into permissions groups. Thus the user interface and the permissions structure is controlled over the system user’s memberships in permissions groups. For more information, see Working with the User & Permissions Group Editor.
User Interface Editor The One Identity Manager is used for editing User Interface Editor tools navigation. The navigation defines specific entry points into the tool's user interface and controls the user oriented navigation down to the selection of an object in the result list. You can set up the structure of the user interface navigation through a menu. There are different types of menu items with specific uses. You can design a multifaceted navigation by combining different types of menu items. For more information, see Working with the User Interface Editor.
Overview Form Editor Use the Overview Form Editor to set up overview forms for One Identity Manager tools. For more information, see Working with the Overview Form Editor.
Permissions Editor The Permissions Editor is used to edit the permission or rights structure for permissions groups and system users. Each permissions group and even each system user can be given permissions for the table and columns in the One Identity Manager database. The permissions for the One Identity Manager database tables are issued depending on their membership in permissions groups when a system user logs into One Identity Manager tools. In this way, system user’s access to tables and individual columns in the data can be controlled. For more information, see Working with the Permissions Editor.
Process Editor

The principle of the One Identity Manager’s functionality allows the assignment of flexible actions and sequences of specific events. For example, the steps that need to be executed in order to add a user account to the database can be described in the form of a workflow. In this case, each action is represented by a process step and workflows are transformed into processes by linking the process steps together. The Process Editor is the tool with which the process sequence are defined and modified in the One Identity Manager, events assigned and linked.For more information, see Working with the Process Editor.

Job Server Editor You use the Job Server Editor to edit the Job server attributes and the One Identity Manager Service configuration file. For more information, see Working with the Job Server Editor.
Language Editor The One Identity Manager displays information on a language dependent basis. You can use this to edit captions for the One Identity Manager tool user interfaces in different languages. The One Identity Manager default installation is supplied in the languages "English - United States [en-US]" and "German - Germany [de-DE]". You can use other languages if required. To do this it is advisable to translate the required text before starting to use the One Identity Manager. There is a Designer in the Language Editor to help you do this. For more information, see Working with the Language Editor.
Schema Editor The Schema Editor displays an overview of the entire One Identity Manager database model. Schema Editor is used to customize table and column definitions to suit the customer. For example, you can define formatting rules or formatting scripts with the Schema Editor. For more information, see Working with the Schema Editor.
Configuration Parameter Editor The Configuration Parameter Editor provides an overview of all the configuration parameters in the One Identity Manager and their current values. You should check and if necessary adjust the configuration parameters before the systems goes live. For more information, see Working with the Schema Editor.
Script Editor Scripts are used in the One Identity Manager to check values in columns or to start events such as create, modify or delete objects. You can use the Script Editor to create, edit and test customer specific scripts.For more information, see Working with the Schema Editor.
SQL Editor You can use the SQL Editor to run database queries against the internal Designer’s SQLite database. For more information, see Working with the SQL Editor.
Consistency Editor Use the Consistency Editor to analyze database object for data consistency. A number of tests are offered to test the database and if necessary run a repair. For more information, see Working with the SQL Editor.
Mail Template Editor Use the Mail Template Editor to create and edit mail templates. Mail templates are used to generate email notifications, for example, notifications from process handling, attestation or IT Shop request statuses. Mail text is defined in several languages in the mail template. This ensures that the language of the recipient is taken into account when the email is generated. For more information, see Working with the SQL Editor.

Working with the Object Editor

Working with the Object Editor

The Object Editor is provided for editing single objects. All properties of an object are represented in table form and can be edited depending on the permissions situation. In addition, properties such as edit permissions and column definitions are shown.

Menu Items

The following items are added to the menu bar when the editor starts.

Table 13: Menu Items Added by the Editor
Menu Menu Item Meaning
Object New Creates a new object.
Save Saves all changes to an object.
Delete Deletes current object.
Discard Returns object to previous state.
Reload object Updates the object view.
Options Group view The object properties are displayed as groups.
Column names Column display text is shown. If the option is not enabled, the technical names according to the One Identity Manager schema are shown.
Primary key Show/Hide primary keys.
Extended Show/hide the extended column properties.
Help Object Editor help Opens the editor help.
Table 14: Meaning of Toolbar Icons
Icon Meaning
The object properties are displayed as groups.
Displays caption/technical name depending on the One Identity Manager schema.
Shows/Hides primary keys.
Shows/hides the extended column properties.
Creates object.
Saves changes.
Deletes object.
Resets object to previous state (lose changes).
Updates object view.
Related Documents