Chat now with support
Chat with Support

Identity Manager 8.0 - Data Archiving Administration Guide

Selecting an Archiving Procedure in the One Identity Manager Database

Selecting an Archiving Procedure in the One Identity Manager Database

Select the basic procedure by setting the configuration parameter "Common\ProcessState\ExportPolicy". If the configuration parameter is disabled, the data remains in the One Identity Manager database. If the configuration parameter is enabled, the selected procedure is applied.

Table 3: Permitted Values for the Configuration Parameter "Common\ProcessState\ExportPolicy"
Value Meaning
FILE The data is exported to XML files after a specified time period has expired.
HDB The files are transferred directly to the One Identity Manager History Database after a specified time period has expired.
NONE The data is deleted in the One Identity Manager database after the specified time period has expired.

After selecting the basic procedure, you can specify whether data is exported or deleted for each subsection of records individually. You use configuration parameters to make the choice for each subsection.

Table 4: Configuration Parameter for Handling Change Data
Configuration parameter Meaning
Common\ProcessState\PropertyLog\IsToExport Exports the data changes. If this configuration parameter is not set the information is deleted once the retention period has expired.
Common\ProcessState\PropertyLog\LifeTime This configuration parameter specifies the maximum retention period in the database for log entries from change tracking.
Table 5: Configuration Parameter for Handling Process Information
Configuration parameter Meaning
Common\ProcessState\ProgressView\IsToExport Exports the data in the process information. If this configuration parameter is not set the information is deleted once the retention period has expired.
Common\ProcessState\ProgressView\LifeTime This configuration parameter specifies the maximum length of time that log data from process information can be kept in the database.
Table 6: Configuration Parameter for Handling Process History
Configuration parameter Meaning
Common\ProcessState\JobHistory\IsToExport Exports the information in the process history. If this configuration parameter is not set the information is deleted once the retention period has expired.
Common\ProcessState\JobHistory\LifeTime This configuration parameter specifies the maximum retention period in the database for log entries from process history.

Specifying Data Retention Periods

Once the retention period has ended, the recorded data is either exported or deleted from the One Identity Manager database depending on which archiving method has been chosen. A longer retention period should be selected for subsections whose records will be exported than for those that will be deleted.

NOTE: If you do not specify a retention period, the records for this subsection will be deleted daily from the One Identity Manager database within the DBQueue Processor daily maintenance tasks.

The recordings are not exported until the retention period for all subsections has expired and no other active processes for the process group (GenProcID) exist in the DBQueue, process history or as planned operation.

Example 1

Records are transferred directly to the One Identity Manager History Database. The following configurations are selected for each subsection:

Configuration Process Information Process History Data Changes
Export data No No Yes
Retention period 3 days 4 days 5 days

This results in the following sequence:

Time Process Information Process History Data Changes
Day 3 Data is deleted from the One Identity Manager database No action No action
Day 4 - Data is deleted from the One Identity Manager database No action
Day 5 - - Data is transferred to the One Identity Manager History Database and then deleted from the One Identity Manager database
Example 2

Records are transferred directly to the One Identity Manager History Database. The following configurations are selected for each subsection:

Configuration Process Information Process History Data Changes
Export data Yes No Yes
Retention period 3 days 4 days 5 days

This results in the following sequence:

Time Process Information Process History Data Changes
Day 3 No action because the retention period has not ended for all subsections No action No action
Day 4 No action because the retention period has not ended for all subsections Data is deleted from the One Identity Manager database No action
Day 5 Data is exported and then deleted - Data is transferred to the One Identity Manager History Database and then deleted from the One Identity Manager database

Configuring the Databases for Direct Archiving

One Identity Manager database:
  • Enable the configuration parameter "Common\ProcessState\ExportPolicy" in the Designer and enter the value HDB.
  • Configure the subsections for export and define a retention period.
  • Check the value of the configuration parameter "Common\ProcessState\PackageSizeHDB". This parameter specifies the maximum number of process groups to be transferred to the History Database. The default value is 10000.
One Identity Manager History Database:
  • Declare the One Identity Manager database as source database in the One Identity Manager History Database.
  • Importing is carried out at regular intervals by the One Identity Manager History Service. Configure and enable the system schedule "Import process information directly" in the Designer.
Related Topics

Declaring the Source Database

Declare the One Identity Manager database to be used for transferring data to the One Identity Manager History Database. Use the HistoryDB Manager to setup access to the source databases.

To declare the source database

  1. Start the HistoryDB Manager and enter the connection data.
  2. Select the category History | Base Data | Source databases.
  3. Select the source database in the result list and edit the master data.
    Table 7: Data for Source Database
    Property Meaning
    Server

    Name of the database server where the One Identity Manager database is installed. The server name can be queried in the One Identity Manager database using the following statement:

    select @@SERVERNAME

    Enter the port as follows if the server can be reached through a specific port.

    Server name, Port

    Database Name of the One Identity Manager database.
    Database ID

    Database ID of the One Identity Manager Database. This ID corresponds to the UID of the database entry in the One Identity Manager database.

    NOTE: Connect to the One Identity Manager database with the Object Browser and copy the value from the column UID_Database in the table DialogDatabase. Insert the value in the input field Database ID.

    Use integrated Windows authentication

    If you use Windows integrated authentication the data transfer takes place with the One Identity Manager History Service user account. You need to take certain installation prerequisites into account in order to use this authentication procedure. For more information refer to Prerequisites for Maintaining a One Identity Manager History Database.

    Database user

    Database user used to access the source database. If the One Identity Manager History Database and the One Identity Manager database are on the same server this input is not required. The database user under which the One Identity Manager History Database runs is used for access. If the One Identity Manager History Database and the One Identity Manager database are not on the same server enter the One Identity Manager database user to be used to execute the data transfer. Note the permissions described in Database Users under SQL Server.

    Password

    Database user password.

    Start and end dates for logging These dates are automatically set and updated when records are imported.
  4. Save the changes.
Related Documents