The Jobdestination Module
In this module you can define Job destinations. This handles the process steps and returns an result to the Job provider. The following module types may be selected:
Within a configuration file you can configure as many Job destinations as you wish. The associated configuration sections are determined by name. Therefore the Job destinations that are added can be renamed.
Related Topics
JobServiceDestination
The JobServiceDestination is the One Identity Manager Service module that deals with the handling process steps. A JobServiceDestination requests the process steps from the Job provider, processes them using process components and returns the result.
Following parameters are available:
- External slot count (ExternalSlots)
This parameter specifies how many external processes (StudioProcessor.exe) the One Identity Manager Service opens to handle process components.
- Environment variables for external slots (ExternalSlotEnvironment)
This parameter contains a list of environment variables that you should set for external slot processes. Enter the variables in a pipe (‘|’) delimited list.
Variable1=value1|Variable2=value2...
- External 32-bit slot count (ExternalSlots32)
This parameter specifies how many external processes in 32-bit memory (StudioProcessor.exe) the One Identity Manager Service opens to handle process components.
- Environment variables for external 32-bit slots (ExternalSlotEnvironment32)
This parameter contains a list of environment variables that you should set for external 32-bit slot processes. Enter the variables in a pipe (‘|’) delimited list.
Variable1=value1|Variable2=value2...
- Internal slot count (InternalSlots)
This parameter specifies how many internal slots One Identity Manager Service makes available for internal process components processing.
- File with private key (PrivateKey)
Enter the file with the encryption data. The default file is private.key. The encryption file has to be in the installation directory of all servers with One Identity Manager Service. If the One Identity Manager Service finds a private key on start up, it places it in the per-user key container and deletes the file from the hard drive.
Use the program "Crypto Configuration" in order to create an encryption file and to encrypt the database information.
NOTE: If you are working with an encrypted One Identity Manager database, see the advice for working with an encrypted database in the One Identity Manager Installation Guide.
- Encryption scheme (EncryptionScheme)
Specify the encryption scheme you want to use.
Table 205: Encryption scheme Method Description RSA RSA encryption with AES for large data (default). FIPSCompliantRSA FIPS certified RSA with TripleAES for large data. This method is used if encryption must match the FIPS 1040-2 standard. The local security policy "Use FIPS compliant algorithms for encryption, hashing, and signing" must be enabled. - Job provider ID (ProviderID)
Enter the name of the Job provider that will be used if more than one Job provider is being processed by the One Identity Manager Service. If this is empty the first Job provider is used.
- Private key ID (PrivateKeyId)
Identifier of the private key. If no ID is given, the file "private.key" is searched for. Use this parameter if you work with several private keys, for example, if One Identity Manager Service data must be exchanged between two encrypted One Identity Manager databases. Enter the private key in the module, "File with private key". If One Identity Manager only uses one encrypted database, you can enter the key file in the parameter "File with private key (PrivateKey)" as an alternative.
- Queue (Queue)
Each One Identity Manager Service within the network must have a unique queue identifier. The process steps are requested by the Job queue using exactly this queue name. Enter this queue name in the One Identity Manager Service configuration file. Create a corresponding Job server entry for every queue.
- Timeout for process queries (RequestTimeout)
This input specifies a time after which a process request can be said to have failed and is sent again.
Timeout format:
day.hour:minutes:seconds
- Process query interval (StartInterval)
This property defines a time interval in which One Identity Manager Service can request new process steps. Click on this icon to discard the change. The default value is 90 seconds. Suggestions for configuring the time interval are calculated from Job server statistical data.
- Interval of time allowed for statical calculations (StatisticInterval)
This property defines the time interval (in seconds) in which One Identity Manager Service’s processing speed statistics are supplied to the database. Click on this icon to discard the change. The default value is set to 4 times the process request interval. Suggestions for configuring the time interval are calculated from Job server statistical data.
- Max. reuse of external processors (MaxExternalSlotReuse)
This value specifies how many times an external processor can be reused before the process is unloaded and restarted. The default value "0" means that the process is not unloaded until it is no longer in use. The default value is 1000.
Related Topics
- Declaring the Job Server
- Job Server Properties
- Job Server Statistic Information
- Module File with Private Key
FileJobDestination
The FileJobDestination processes the process steps that are queued by the FileJobGate (FileJobProvider or FTPJobProvider) and returns the results to the Job provider.
Following parameters are available:
- Backup transferred files (BackupFiles)
If this option is set, all the file are moved to a directory "Backup" irrespective of errors. In the default case (not set) only files with errors are saved.
- Check file index (CheckInputIndex)
If this option is set, the file name index is checked to see if has increased in size. Files with the same or a lower index are not processed. This option is not set by default.
- Max.number of process trees in one transfer file (MaxListCount)
This setting specifies the maximum number of process steps that can be grouped together in one file. This allows limiting of the file size.
- Use encoding (UseEncryption)
The data is encoded when written to file.
NOTE: The encryption setting must be configured the same in the Job provider and associated Job destination.
- Notification procedures (EventTypes)
The FileJobProvider supports three different methods of acquiring information about new data. The notification methods can be combined when separated by commas.
Table 206: Supported Notification Procedures Method Description Timer Querying newly added data is done in a specified time interval. HTTP The provider queries the parent Jon server over HTTP and processes the added data after it has answered. FSEvent Queries newly added data after a file system event. Example:
TIMER,FSEVENT
- HTTP notification destination computer (HostName)
Enter the name of the target computer here that will receive the queries if the "HTTP" notification methods are used.
- Port for HTTP notification (Port)
Enter the transfer port here if the "HTTP" notification method are used.
- Monitoring interval for input directory (TimerInterval)
Enter the time interval in milliseconds if the "timer" notification method is used.
- Directory for receiving input (InputDirectory)
The module reads and processes the process files (*.fjg) in this directory.
NOTE: It is necessary to ensure that the Job provider and associated Job destination use the same directory. The input and output directories are correspondingly reversed.
- Destination directory (OutputDirectory)
The processed files are written to this directory.
- List of subdirectories (SubDirectories)
A list of directory names separated by a pipe character "|" can be entered here. All the directories are then monitored and processed correspondingly. The following directory structure is expected:
SubDirectories = "ServerA|ServerB"
...
Request
ServerA
ServerB
Response
ServerA
ServerB
where Request and Response are directories enter in the parameters "InputDirectory" and "OutputDirectory".
NOTE: Only the "Timer" notification method can be used. The notification methods "HTTP" and "FSEvent" are not available!
- Automatic identification of subdirectories (AutoSubDirectories)
If this option is enabled, the module automatically processes all the files in the subdirectories. Processing is not recursive.
- Job provider ID (ProviderID)
If several Job providers are processed by the One Identity Manager Service, enter the name of the Job provider to use. If this is empty the first Job provider is used.
Related Topics
FTPJobDestination
FTPJobDestination handles the process steps that are queued in the FileJobGate (FileJobProvider or FTPJobProvider) and returns the results to the Job provider.
Following parameters are available:
- Backup transferred files (BackupFiles)
If this option is set, all the file are moved to a directory "Backup" irrespective of errors. In the default case (not set) only files with errors are saved.
- Check file index (CheckInputIndex)
If this option is set, the file name index is checked to see if has increased in size. Files with the same or a lower index are not processed. This option is not set by default.
- Max.number of process trees in one transfer file (MaxListCount)
This setting specifies the maximum number of process steps that can be grouped together in one file. This allows limiting of the file size.
- Use encoding (UseEncryption)
The data is encoded when written to file.
NOTE: The encryption setting must be configured the same in the Job provider and associated Job destination.
- Notification procedures (EventTypes)
The FileJobProvider supports three different methods of acquiring information about new data. The notification methods can be combined when separated by commas.
Table 207: Supported Notification Procedures Method Description Timer Querying newly added data is done in a specified time interval. HTTP The provider queries the parent Jon server over HTTP and processes the added data after it has answered. FSEvent Queries newly added data after a file system event. Example:
TIMER,FSEVENT
- HTTP notification destination computer (HostName)
Enter the name of the target computer here that will receive the queries if the "HTTP" notification methods are used.
- Port for HTTP notification (Port)
Enter the transfer port here if the "HTTP" notification method are used.
- Monitoring interval for input directory (TimerInterval)
Enter the time interval in milliseconds if the "timer" notification method is used.
- Directory for receiving input (InputDirectory)
The module reads and processes the process files (*.fjg) in this directory.
NOTE: It is necessary to ensure that the Job provider and associated Job destination use the same directory. The input and output directories are correspondingly reversed.
- Destination directory (OutputDirectory)
The processed files are written to this directory.
- List of subdirectories (SubDirectories)
A list of directory names separated by a pipe character "|" can be entered here. All the directories are then monitored and processed correspondingly. The following directory structure is expected:
SubDirectories = "ServerA|ServerB"
...
Request
ServerA
ServerB
Response
ServerA
ServerB
where Request and Response are directories enter in the parameters "InputDirectory" and "OutputDirectory".
NOTE: Only the "Timer" notification method can be used. The notification methods "HTTP" and "FSEvent" are not available!
- Automatic identification of subdirectories (AutoSubDirectories)
If this option is enabled, the module automatically processes all the files in the subdirectories. Processing is not recursive.
- Job provider ID (ProviderID)
If several Job providers are processed by the One Identity Manager Service, enter the name of the Job provider to use. If this is empty the first Job provider is used.
- FTP server (FTPServer)
Enter the name or the IP address of the FTP Server.
- FTP port (FTPPort)
If the FTP server does not use the default port 21 for FTP transfer, you can enter the appropriate port.
- FTP user account (FTPUser)
Enter the user account with which the FTPJobProvider logs on onto the FTP Server.
- FTP password (FTPPassword)
Enter the user account password for the FTP login.