Chat now with support
Chat with Support

Identity Manager 8.0 - Target System Synchronization Reference Guide

Target Synchronization with the Synchronization Editor Basics of Target System Synchronization Setting up Synchronization
Starting the Synchronization Editor Creating a Synchronization Project How to Configure Synchronization
Setting Up Mappings Setting up Synchronization Workflows Connecting Systems Editing the Scope Using Variables and Variable Sets Setting up Start up Configurations Setting up Base Objects
Overview of schema Classes Customizing Synchronization Configuration Checking Synchronization Configuration Consistency Activating the Synchronization Project
Running Synchronization Synchronization Analysis Setting up Synchronization with Default Connectors Updating Existing Synchronization Projects Additional Information for Experts Error Handling Appendix: Example of a Configuration File

Error Handling

Incorrect Mapping of Object Hierarchy after Synchronization

If objects, which map a hierarchy, are synchronized the following errors can occur:

  • Objects are mapped to the wrong position in the hierarchy.
  • Objects are not loaded.
Probable reason

The parent objects could not be referenced. If the parent object is a mandatory property, the child objects cannot be saved.

By default, objects are processed in blocks of 1024 each during synchronization. Objects are loaded in random order. Therefore, a child object might be processed before its parent object has been loaded. Thus the parent object cannot be assigned.

Example: Importing cost center with the CSV connector

Cost centers make up an object hierarchy. The respective parent object is assigned through the column UID_ParentProfitCenter. The complete hierarchy path is kept in the column FullPath.

During synchronization, a cost center might be loaded before its parent cost center. Therefore, the parent cost center cannot be referenced. Because the parent cost center is not a mandatory property, the object is loaded but appears at a strange place in the hierarchy. A different full name is formatted in the database as given in the CSV file. If the full name is the only matching criteria for identifying the object the objects cannot be assigned uniquely.

Solution

NOTE:

  • The solution approach only applies for resolving references of the same object type.
  • SynchronizationClosed can get slower if the amount of data is large.
  • The solution described is one way to prevent the error. There may be other solutions depending on the actual data situation.

To prevent the error

  • Label the column containing the hierarchy path as the sort criteria in the target system schema and set the partition size to "1".

    The objects are sorted by hierarchy path during synchronization and loaded one by one in the database in this order. This ensures that the parent object is already loaded and can be referenced.

  • Ensure manual dependency resolution is set in the synchronization workflow.

    This can be necessary in certain situations, for example, when synchronizing cost centers. In this case, the full name is the only matching criteria. It is formatted by template in the One Identity Manager database from the cost center name (column AccountNumber) and the full name of the parent object. In the case of automated dependency resolution, the parent objects are not assigned until the second synchronization step. Therefore, no parent objects are assigned after the first synchronization step. The full name is only formatted from the cost center name. All child objects therefore, have another full name in the database as in the target system. In the second synchronization step, there objects can no longer be identified. Thus parent objects cannot be assigned by it.

    In the case of manual dependency resolution, all property mapping rules are executed in one synchronization step. The parent object assigned immediately. This way, the template finds the correct full names.

To mark a column as sort criterion

  1. Edit the target system schema in the Synchronization EditorClosed.
    1. Select the category Configuration | Target system.
    2. Click Edit connection....

      This starts the system connection wizard.

  2. Select the page where you can edit the option Hierarchical sort order.

    NOTE: The different target system connection wizards display different pages. For example, select the page Display information in the system connection wizard for CSV systems.
  3. Select the column containing the hierarchy path.
  4. Enable the option Hierarchical sort order.
  5. Save the changes.

To adjust the partition size

  1. Enable expert mode in the Synchronization Editor.
    1. Select the menu Database | Settings....
    2. EnableEnable expert mode.
    3. Click OK.
  2. Edit the start up configuration properties.
    1. Select the category Configuration | Start up configurations.
    2. Select the start up configuration in the document view and click Edit....
  3. Select the Advanced tab.
  4. Enter the value "1" in Partition size.

    For more detailed information about start up configuration advanced properties, see the One Identity Manager Target SystemClosed Synchronization Reference Guide.

  5. Click OK.
  6. Disable expert mode

To set manual dependency resolution

  1. Edit the workflow properties.
    1. Select the category Workflows.
    2. Select the workflow in the navigation view.
    3. Select the General view in the WorkflowClosed Editor and click Edit.
  2. Select the value "Manual" in Dependency resolution.
  3. Click OK.
  4. Save the changes.
  5. Activate the synchronization project.

Appendix: Example of a Configuration File

The following except from a configuration file contains the changes required for the example in section Customizing the Configuration File.

<?xml version="1.0" encoding="utf-8" ?>

<SynchronizationEditorWorkspace Version="1.0">

<Parameters>

<Parameter Name="Database" Display="Connected database" IsQueryParameter="false" IsSecret="false"></Parameter>

<Parameter Name="DBUser" Display="Database server user" IsQueryParameter="false" IsSecret="false"></Parameter>

<Parameter Name="DBPassword" Display="Database server password" IsQueryParameter="true" IsSecret="true"></Parameter>

<Parameter Name="SystemUser" Display="One Identity Manager system user" IsQueryParameter="false" IsSecret="false"></Parameter>

<Parameter Name="SystemPassword" Display="Password of system user" IsQueryParameter="true" IsSecret="true"></Parameter>

<Parameter Name="Domain" Display="Distinguished name of the domain" IsQueryParameter="false" IsSecret="false"></Parameter>

<Parameter Name="DomainController" Display="Distinguished name of the domain controller" IsQueryParameter="false" IsSecret="false"></Parameter>

<Parameter Name="ADUser" Display="Active Directory user" IsQueryParameter="false" IsSecret="false"></Parameter>

<Parameter Name="ADUserPassword" Display="Password of Active Directory user" IsQueryParameter="true" IsSecret="true"></Parameter>

<Parameter Name="SyncProject" Display="SynchronizationClosed Project" IsQueryParameter="false" IsSecret="false"></Parameter>

</Parameters>

<global>

<Data Name="WorkDatabase.ConnectionString" Display="Connection string" Type="System.String, mscorlib">data source=Datenbankserver;initial catalog=$Database$;user id=$DBUser$;pooling=false;Password=$DBPassword$</Data>

<Data Name="WorkDatabase.AuthenticationString" Display="Authentication string" Type="System.String, mscorlib">Module=Authentifizierungsverfahren;User[VI.DB_USER]=$SystemUser$;(Password)Password[VI.DB_Password]=$SystemPassword$</Data>

<!-- … -->

</Global>

<Editors>

<Editor Name="ShellWizard" Type="VI.Projector.Editor.Wizards.ShellWizard, VI.Projector.Editor">

<!-- … -->

<Data Name="ShellDisplay" Display="Script display name" Type="System.String mscorlib">$SyncProject$</Data>

<!-- … -->

<Data Name="MainConnection.ConnectionParameter" Display="Connection parameter" Type="System.String, mscorlib">Authentication=ProjectorAuthenticator;data source=databaseserver; DBFactory="VI.DB.ViSqlFactory, VI.DB";initial catalog=$Database$;password=$DBPassword$; pooling=False;user id=$DBUser$</Data>

<!-- … -->

<Data Name="ConnectedSystemConnection.ConnectionParameter" Display="Connection parameter" Type="System.String, mscorlib">ADAuthentication=1;ADEnableras=False;ADEnablerecyclebin=False; ADEnableterminal=True;ADPort=389;ADRootdn=$Domain$;ADServer=$DomainController$; ADTypeEnableExtensions=True;ADTypeExtensions=;baseloginaccount=$ADUser$; basepassword=$ADUserPassword$</Data>

<!-- … -->

</Editor>

</Editors>

</SynchronizationEditorWorkspace>

Related Documents