Identity Manager 8.1 - Administration Guide for Connecting to Native Databases through Database Systems Integration Module


Mapping sets and object types for the database-level template

The Microsoft SQL database-level template has the following mapping sets:

  • Users: Maps all users that can access the database, such as SQL_USER_WITHOUT_LOGIN, SQL_USER_WITH_LOGIN, SQL_USER_WITH_PASSWORD (applicable only for contained databases), WINDOWS_USER, and WINDOWS_GROUP, into One Identity Manager.
  • Roles: Maps all database and application roles for the database into One Identity Manager.
  • UserHasRoles: Maps all users and their role membership into One Identity Manager.
  • RoleInRole: Maps all roles and their role membership into One Identity Manager.
  • UsersExtended: Maps all user properties for provisioning from One Identity Manager to MS SQL.

NOTE: Before updating the default mapping sets, back up the One Identity Manager database.

Mapping object types between SQL tables and One Identity Manager tables

The following table describes how database object types in Microsoft SQL Server map to the corresponding UNS tables of One Identity Manager.

Table 3: Mapping table for MS SQL database-level object types

| Mapping set name | MS SQL objects            | One Identity Manager table |
|------------------|---------------------------|----------------------------|
| Users            | sys.database_principals   | UNSAccountB                |
| Roles            | sys.database_principals   | UNSGroupB                  |
| UserHasRoles     | sys.database_role_members | UNSAccountBInUNSGroupB     |
| RoleInRole       | sys.database_role_members | UNSGroupBInUNSGroupB       |
| UsersExtended    | sys.sysusers              | UNSAccountB                |
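An added example, not taken from the One Identity documentation or the connector: T-SQL to run in the target database before the initial synchronization, to preview which rows of the catalog views in Table 3 would fall under the Users, Roles, UserHasRoles, and RoleInRole mapping sets. The classification by `type` and `authentication_type` is an assumption about how the listed user kinds correspond to catalog values; it is not the connector's own query logic.

```sql
-- Added example (not the connector's queries). Run in the target database.
-- Assumption: the user kinds named for the Users mapping set correspond to
-- sys.database_principals.type / authentication_type as coded below.

-- Users and Roles: both mapping sets read sys.database_principals.
SELECT
    CASE WHEN p.type IN ('R', 'A') THEN 'Roles' ELSE 'Users' END AS mapping_set,
    CASE WHEN p.type IN ('R', 'A') THEN 'UNSGroupB' ELSE 'UNSAccountB' END AS target_table,
    p.name,
    CASE
        WHEN p.type = 'S' AND p.authentication_type = 0 THEN 'SQL_USER_WITHOUT_LOGIN'
        WHEN p.type = 'S' AND p.authentication_type = 1 THEN 'SQL_USER_WITH_LOGIN'
        WHEN p.type = 'S' AND p.authentication_type = 2 THEN 'SQL_USER_WITH_PASSWORD'
        ELSE p.type_desc  -- WINDOWS_USER, WINDOWS_GROUP, DATABASE_ROLE, APPLICATION_ROLE
    END AS principal_kind,
    p.is_fixed_role       -- 1 for built-in roles such as db_owner
FROM sys.database_principals AS p
WHERE p.type IN ('S', 'U', 'G', 'R', 'A')
ORDER BY mapping_set, p.name;

-- UserHasRoles and RoleInRole: both read sys.database_role_members.
-- The member's principal type decides which mapping set the row belongs to.
SELECT
    CASE WHEN m.type IN ('R', 'A') THEN 'RoleInRole' ELSE 'UserHasRoles' END AS mapping_set,
    CASE WHEN m.type IN ('R', 'A') THEN 'UNSGroupBInUNSGroupB'
         ELSE 'UNSAccountBInUNSGroupB' END AS target_table,
    r.name      AS role_name,
    m.name      AS member_name,
    m.type_desc AS member_type,
    r.is_fixed_role AS role_is_fixed  -- review members of fixed roles before import
FROM sys.database_role_members AS drm
JOIN sys.database_principals AS r ON r.principal_id = drm.role_principal_id
JOIN sys.database_principals AS m ON m.principal_id = drm.member_principal_id
ORDER BY mapping_set, role_name, member_name;
```

The first result set includes built-in principals such as dbo and guest; memberships in fixed roles in the second result set are the entries most worth reviewing before they become entitlements in One Identity Manager.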

Initial synchronization

Initial synchronization is used to initialize the One Identity Manager tables with the MS SQL data. Users, logins, roles, user role membership, login role membership, and role membership are synchronized into the One Identity Manager tables.

To run the initial synchronization

  1. In the Synchronization Editor, open the synchronization project.
  2. In the Navigation section, select Start up Configurations.
  3. Click Execute.
  4. Confirm the security prompt with Yes.

    The synchronization workflow is completed successfully. The synchronized objects can be viewed in the Manager.

Provisioning workflow

The Provisioning workflow is used to create, update, and delete Microsoft SQL logins and users.

Provisioning workflow for server-level objects

The Provisioning workflow for server-level objects is used to create, update, and delete Microsoft SQL logins, and to update server-role membership.
