A synchronization project collects all the information required for synchronizing the One Identity Manager database with a target system. Connection data for target systems, schema types and properties, mapping and synchronization workflows all belong to this.
Make the following information available for setting up a synchronization project for synchronizing with the native database connector.
Data | Explanation |
---|---|
Synchronization server |
All One Identity Manager Service actions are executed against the target system environment on the synchronization server. Entries which are necessary for synchronization and administration with the One Identity Manager database are processed by the synchronization server. Installed components:
The synchronization server must be declared as a Job server in One Identity Manager. The Job server name is required. For more information, see Setting Up the Synchronization Server. |
Remote connection server |
To configure synchronization with a target system, One Identity Manager must load the data from the target system. One Identity Manager communicates directly with the target system to do this. The remote connection server and the workstation must be in the same Active Directory domain. Remote connection server configuration:
The remote connection server must be declared as a Job server in One Identity Manager. The Job server name is required.
For more detailed information about setting up a remote connection, see the One Identity Manager Target System Synchronization Reference Guide. |
Synchronization workflow |
Set the option Data import in the synchronization step if synchronization data is imported from a secondary system. You cannot select the processing method "MarkAsOutstanding" for these synchronization steps.
For more detailed information about synchronizing user data with different systems, see the One Identity Manager Target System Synchronization Reference Guide. |
Base object |
You cannot normally specify a base object for synchronizing with
|
Variable set |
If you implement specialized variable sets, ensure that the start up configuration and the base object use the same variable set. |
To configure synchronization with the native database connector
There is a wizard to assist you with setting up a synchronization project. This wizard takes you through all the steps you need to set up initial synchronization with a target system. Click Next once you have entered all the data for a step.
|
NOTE: The following sequence describes how you configure a synchronization project if the Synchronization Editor
Additional settings can be made if the project wizard is run in expert mode or is started directly from the Synchronization |
To set up a synchronization project
|
NOTE: If synchronization is executed by an application server, connect the database through the application server. |
This starts the Synchronization Editor's project wizard.
In this case, set the option Connect using remote connection server and select, under Job server (the server with the One Identity Manager Service installed), the server you want to use for the connection.
For more information, see Connecting a System to an SQL Server Database.
|
NOTE: Reenter all the connection data if you are not working with an encrypted One Identity Manager database and no synchronization project has been saved yet in the database. This page is not shown if a synchronization project already exists. |
|
NOTE: The native database connection does not provide a default project template for setting up synchronization. If you have created your own project template, you can select it to configure the synchronization project. Otherwise, select Create blank project. |
Property | Description |
---|---|
Display name | Display name for the synchronization project. |
Script language | Language in which the scripts for this synchronization project are written. Scripts are implemented at various points in the synchronization configuration. Specify the script language when you set up an empty project. If you use a project template, the template's script language is used. |
Description | Spare text box for additional explanation. |
Data | Explanation |
---|---|
Server | Name of the server on which the database server is installed. The fully qualified server name or the IP address may be given. |
User account and password | User account and password used by the native database connector to log in to the external database. Make a user account available with sufficient permissions. |
Database | Name of the external database to be synchronized. |
Windows authentication | Specifies whether Windows authentication is used. This type of authentication is not recommended. If you decide to use it anyway, ensure that your environment supports Windows authentication. |
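The following is an added example, not taken from the One Identity documentation: one way to provide the "user account with sufficient permissions" as a dedicated SQL Server login restricted to the objects the synchronization touches, followed by two checks of what the account actually holds. The database `ExternalDB`, the login `oim_sync`, the table `dbo.Users` and the chosen permission set are assumptions; `dbo.CreateUser` stands for the procedure named in the guide's pattern example.

```sql
-- Added example with assumed names: least-privilege SQL Server account
-- for the native database connector. Adjust the objects to what your
-- mappings and data operations actually use.
USE master;
-- Placeholder password: generate a long random value and keep it in a vault.
CREATE LOGIN oim_sync
    WITH PASSWORD = '<generated-secret>',
         CHECK_POLICY = ON,
         DEFAULT_DATABASE = ExternalDB;
GO

USE ExternalDB;
CREATE USER oim_sync FOR LOGIN oim_sync;

-- Read access only on the tables being synchronized.
-- Assumption: this is enough for loading the schema, because holding a
-- permission on an object makes that object's metadata visible.
GRANT SELECT ON OBJECT::dbo.Users TO oim_sync;

-- Assumption: write-back runs through a procedure-based data operation,
-- so grant EXECUTE on that procedure instead of INSERT/UPDATE/DELETE.
GRANT EXECUTE ON OBJECT::dbo.CreateUser TO oim_sync;
GO

-- Check 1: everything granted or denied to the account in this database.
SELECT pr.name AS principal,
       pe.state_desc,
       pe.permission_name,
       pe.class_desc,
       OBJECT_SCHEMA_NAME(pe.major_id) AS schema_name,
       OBJECT_NAME(pe.major_id) AS object_name
FROM sys.database_permissions AS pe
JOIN sys.database_principals AS pr
  ON pr.principal_id = pe.grantee_principal_id
WHERE pr.name = N'oim_sync';

-- Check 2: role memberships. An empty result means the account is only in
-- public; db_owner or db_datawriter here would defeat the grants above.
SELECT r.name AS role_name
FROM sys.database_role_members AS m
JOIN sys.database_principals AS r ON r.principal_id = m.role_principal_id
JOIN sys.database_principals AS u ON u.principal_id = m.member_principal_id
WHERE u.name = N'oim_sync';
```

Rerun the two checks after each change to the mappings or data operations so that the account's rights stay aligned with what the synchronization project uses.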
To configure the connection to an SQL Server database
The database system connection is tested the moment you click Next.
Property | Description |
---|---|
Database display name | Database display name used in the One Identity Manager tools. |
System identifier | Unique identifier for the database. |
If the schema is loaded successfully, the next step in the sequence can be carried out. A message informs you whether the schema was identified.
|
NOTE:
|
Property | Description |
---|---|
Hide unconfigured tables | Specifies whether tables are hidden if no settings have been changed. |
Schema | Tables without a unique key. |
Column is key | Specifies whether the column contains a unique key. |
Column group | Button for editing column groups. Create a column group, if a unique key can only be made of a combination of more than one column.
|
Property | Description |
---|---|
Key name | Column group identifier. Permitted characters are letters and underscore. A virtual column is formed from the column group with the name "vrtColumnGroup<column group>". |
Columns | Columns included in the column group. Mark all the columns that together make up the unique key. |
Property | Description |
---|---|
Hide unconfigured tables | Specifies whether tables are hidden if no settings have been changed. |
Schema | Database schema tables. |
Target(s) | Columns pointed to by the reference. Enter table and column names in the following syntax: [<schema>].<table name>.<column name>. If a reference points to several columns, enter the targets in a comma-delimited list. The target columns must be labeled as key columns.
|
Referential integrity enabled | Specifies whether referential integrity of the target table data is ensured. |
Property | Description |
---|---|
Hide unconfigured tables | Specifies whether tables are hidden if no settings have been changed. |
Schema | Tables and columns in the database. |
Display value | Columns used in the display pattern.
|
Preferred key | Specifies whether the column is primarily used for object identification. A preferred key can be defined if a table has more than one unique key. Only columns with the data type "String" can be selected. |
Contains sensitive data | Specifies whether the column contains sensitive data. |
Revision |
Specifies whether columns have a revision counter. The data in this column form the comparison value for revision filtering. |
Hierarchy sort criterion | Specifies whether the column maps the path in an object hierarchy. Synchronization |
Scope |
Specifies whether the column can be used for setting the reference scope. |
Property | Description |
---|---|
Display pattern | Pattern for displaying objects in the Synchronization Editor
|
|
WARNING: Well-founded programming knowledge is required for setting up data operations. Errors at this stage can lead to loss of data. |
To define a data operation
Property | Description |
---|---|
Hide unconfigured tables | Specifies whether tables are hidden if no settings have been changed. |
Table/Operation | Tables for which data operations are being defined. |
Strategy | Strategy for creating the data operation and executing it. A simple procedure can be called for a data operation or a script can be executed. Select the strategy you want to use to define the data operation.
|
Options | Define the data operation to be executed when objects are inserted, updated or deleted. Enter the procedure call or create a script depending on the selected strategy.
Example of pattern based data: exec CreateUser('%Uid%','%FirstName%','%LastName%') It has an advanced edit mode which provides additional actions. For more detailed information about support for creating scripts, see the One Identity Manager Target System Synchronization Reference Guide. |
All the schema data (schema types and schema properties) of the target system schema and the One Identity Manager schema are available when you are editing a synchronization project. Only a part of this data is really needed for configuring synchronization. If a synchronization project is finished, the schema is compressed to remove unnecessary data from the synchronization project. This can speed up loading the synchronization project. Deleted schema data can be added to the synchronization configuration again at a later point.
If the target system schema or the One Identity Manager schema has changed, these changes must also be added to the synchronization configuration. Then the changes can be added to the schema property mapping.
To include schema data that have been deleted through compressing and schema modifications in the synchronization project, update each schema in the synchronization project. This may be necessary if:
To update a system connection schema
- OR -
Select the category Configuration | One Identity Manager connection.
This reloads the schema data.
To edit a mapping
Opens the Mapping Editor. A mapping is the list of object matching rules and property mapping rules which map the schema properties of two connected systems to one another. For more detailed information about editing mappings, see the One Identity Manager Target System Synchronization Reference Guide.
|
NOTE: The synchronization is deactivated if the schema of an activated synchronization project is updated. Reactivate the synchronization project to synchronize. |