To permit only certain values for a column, you must define a list with the permitted values. Once the column display name has been created, the list of permitted values is no longer valid. For some columns of the One Identity Manager schema, already permitted values are supplied when the schema is installed.
|
NOTE: You can only enter or extend a list of permitted values for a column if the option Customizing permitted values list is not allowed is not set. |
To create a list of permitted values
Click and enter the value and display name.
|
NOTE: To edit a value, select the value and click |
|
IMPORTANT: Compile the database to bring the list of permitted values into effect. |
The values internal and external should be permitted in the Spare field no. 01 input field for an employee. The list of permitted values is defined as followed:
1=internal 2=external
For an employee with the value 1, the display value internal is shown on the forms in Manager.
A special control element is used in the Manager to display columns for which a list of permitted values has been defined. The control element is displayed as a simple input field if no list is defined. If a list is defined the control element is shown as a menu.
Figure 12: Input Field for List of Defined Values (with and without defined entries)
The control element is only available for columns on default predefined forms as well as custom columns (usually CustomProperty01-CustomProperty10).
Full-text searching uses an external search index, which returns an object key as result. The object key is used to run a search query in the database. This database search query takes the permissions of the logged in user into account during the search. A maximum of 1000 objects can be returned by through the search index.
The One Identity Manager full text search can be used in the Web Portal and in the Manager. For detailed information, see the One Identity Manager Web Portal User Guide and the One Identity Manager User Guide for One Identity Manager Tools User Interface.
For detailed information about installing an application server and configuring the Web Portal for full-text search, see the One Identity Manager Installation Guide.
The following applies for the configuration of the full text search:
If you want to index a table or a database view for the full text search, the XDateInserted, XDateUpdated and XObjectKey columns must be available.
The column Person.CentralAccount is weighted with the value 1. The column ADSAccount.SAMAccountName is weighted with the value 0.5. This results in the employee being listed before the user account in the full text search.
Only columns with the data types string or text can be included in the full-text search.
Exception: Columns that contain a list of permitted values, can always be added to the full text search.
The search service indexes the following:
The object's display value comes from the display pattern defined for the table. The display value's weighting comes from the table's primary key column weighting
The column Person.UID_Person is configured for the full-text search. The display pattern of the table Person is defined as %InternalName% (%CentralAccount%).
For the person Clara Harris, the disply value Clara Harris (CLARAH) is thus indexed.
The searched index is updates when changes are made to a table with indexed columns, to referenced tables or translations.
Certain important columns are already indexed for full text search in the default installation. You configure more columns for full text searching if you require.
To configure a column for full text search
Dynamic foreign keys are used if a reference can point to different tables. For example, the manager of a user account (<MMM>Account.ObjectKeyManagertable) can be another user account (<MMM>Account table) or a group (<MMM>Group table).
Dynamic foreign keys reference the object key (XObjectKey) of the permitted tables. Permitted tables can be limited. All tables are permitted, if there are no restrictions. Restrictions are stored in the table, DialogValidDynamicRef.
If you are defining custom dynamic foreign keys, at least one of the participating partners (dynamic foreign key column or referenced table) must be a custom object. It is not possible to extend predefined dynamic foreign keys by adding references to predefined tables.
To edit dynamic foreign keys
Property | Description |
---|---|
Table | Table from which the object key is to be determined |
Only transport as group | During data transports, the contents of the column are always transferred together with the contents of the referenced column. |
Parent relation constraint | Constraint on the relation, for example, IR - Insert Restrict. |
Parent relation test instance |
This referential integrity should be checked by D - DLL, T - Trigger or N - Nothing. Triggers and constraints are implemented to monitor the database. The triggers and constraints are created automatically and modified as necessary taking the preset restrictions of the DBQueue Processor into account. |
Child relation constraint | Constraint on the relation, for example, IR - Insert Restrict. |
Child relation test instance |
The referential integrity check should be carried out by a DLL (D), trigger (T) or nothing (N). Triggers and constraints are implemented to monitor the database. The triggers and constraints are created automatically and modified as necessary taking the preset restrictions of the DBQueue Processor into account. |
Restriction | Description |
---|---|
DeleteNotRestricted (D) | Dependencies are not taken into account on deletion. |
DeleteRestrict (DR) | The object can only be deleted when no more references to other objects exist. |
DeleteCascade (DC) | All dependent objects are deleted when this object is deleted. |
DeleteSetNULL (DS) | When deleting the object, references to the object being deleted are removed from all dependent object (SetNULL). |
InsertNotRestricted (I) | Dependencies are not taken into account on insertion. |
InsertRestrict (IR) | Checks for the referenced object when the object is added. |
One Identity Manager supports file groups to group tables together to help with administration, data assigning and data distribution. A distinction is made between logical disk stores and physical disk stores.
In the default installation, logical disk stores are predefined for the table in each module of the One Identity Manager and the system tables. You cannot change the assignments. You can create your own logical disk storage for grouping custom tables.
To define logical storage for custom tables
Select the View | Select table relations menu item and enable the DialogTable table. This shows the tab Tables for assigning tables.
You can link logical storage with physical storage - the file groups - in the One Identity Manager schema. If file groups are created on different data medium, you can use parallel accessing to enhance the performance of tables with high change rates. An example of this is tables for processing DBQueue Processor tasks or table for process handling.
|
NOTE: You cannot move the following groups into other file groups. If you do so, proper functioning of the One Identity Manager database cannot be guaranteed.
|
The One Identity Manager supports the distribution of tables to file groups with a variety of database procedures that you execute in a suitable program for executing SQL queries in the database.
|
WARNING: Only carry out the following steps for implementing file groups, together with an experienced database administrator. Ensure that the database cannot be access while file groups are being set up, for example, by the Job server, application server, web server, user interfaces, Web Portal. After restarting the DBQueue Processor, wait for all DBQueue tasks to be processed before reconnecting the database. |
|
IMPORTANT: Select a user that you use for migrating the database to execute the SQL queries. |
To distribute tables to file groups under SQL Server
exec QBM_PDiskStorePhysicalSync
Select Database | Save to database and click Save.
exec QBM_PWatchDogPrepare 1
exec QBM_PDBQueuePrepare 1
exec QBM_PTableMove
exec QBM_PDBQueuePrepare 0,1
exec QBM_PWatchDogPrepare
© 2021 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy