Chat now with support
Chat with Support

Identity Manager 9.2 - Configuration Guide

About this guide One Identity Manager software architecture Customizing the One Identity Manager default configuration Customizing the One Identity Manager base configuration One Identity Manager schema basics Editing the user interface
Object definitions for the user interface User interface navigation Forms for the user interface Statistics in One Identity Manager Extending the Launchpad Task definitions for the user interface Applications for configuring the user interface Icons and images for configuring the user interface Using predefined database queries
Localization in One Identity Manager Process orchestration in One Identity Manager
Mapping processes in One Identity Manager Setting up Job servers
The One Identity Manager Service functionality Tracking changes with process monitoring Conditional compilation using preprocessor conditions Scripts in One Identity Manager
Visual Basic .NET scripts usage Notes on message output Notes on using date values Tips for using Windows PowerShell scripts Using dollar ($) notation Using base objects Calling functions Pre-scripts for use in processes and process steps Using session services Using #LD notation Script library Support for processing scripts in the Script Editor Creating and editing scripts in the Script Editor Copying scripts in the Script Editor Testing scripts in the Script Editor Testing script compilation in the Script Editor Overriding scripts Permissions for running scripts Editing and testing script code with the System Debugger Extended debugging in the Object Browser
One Identity Manager query language Reports in One Identity Manager Adding custom tables or columns to the One Identity Manager schema Web service integration One Identity Manager as SCIM 2.0 service provider Processing DBQueue tasks One Identity Manager Service configuration files

Machine roles and server functions

A machine role describes the role a computer or server assumes in a One Identity Manager system. You can give each computer or server several roles. This means, one, or more machine roles can be assigned. You select machine roles when One Identity Manager components are installed.

Machine roles are structured hierarchically. If you select a machine role at installation, all parent machine are also assigned.

Example: Machine role structure

Server

Job server

Active Directory

If you select the Active Directory machine role during the installation, the Job server and Server machine roles are also assigned.

Some machine roles such as Web cannot be actively selected during the installation. These machine roles are automatically assigned when different web applications are installed with the Web Installer.

Machine roles for installing the One Identity Manager Service are linked with server functions. The server function defines the functionality of a server in One Identity Manager. One Identity Manager processes are handled with respect to the server function. The server functions available are predefined when a server installed, based on the selected machine role.

Example: Connection between machine roles and server functions.

The Active Directory machine role is connected to the Active Directory Connector server function. Therefore, when you set up a One Identity Manager synchronization project after the machine role is installed, the server is available as synchronization server in Active Directory.

The installation packages and files to be installed on the computer or server are specified in a machine role. The information about the machine role, the installation package and the files is saved in the file InstallState.config during installation and are thus available for automatic software update.

NOTE: If you use the Software Loader to import new files into the One Identity Manager database, you should assign the files to a machine role. This ensures that the file are distributed by automatic software update. For more information about automatic software updates, see the One Identity Manager Installation Guide.

Related topics

Overview of server functions

To display information about server functions

  • In the Designer, select the Base data > Installation > Server functions category.

The server function defines the functionality of a server in One Identity Manager. One Identity Manager processes are handled with respect to the server function.

NOTE: More server functions may be available depending on which modules are installed.
Table 92: Permitted server functions

Server function

Remark

Update server

This server automatically updates the software on all the other servers. The server requires a direct connection to the database server that One Identity Manager database is installed on. It can run SQL tasks.

The server with the One Identity Manager database installed on it is labeled with this functionality during initial installation of the schema.

SQL processing server

It can run SQL tasks. The server requires a direct connection to the database server that One Identity Manager database is installed on.

Several SQL processing servers can be set up to spread the load of SQL processes. The system distributes the generated SQL processes throughout all the Job servers with this server function.

CSV script server

This server can process CSV files using the ScriptComponent process component.

One Identity Manager Service installed

Server on which a One Identity Manager Service is installed.

SMTP host

Server from which One Identity Manager Service sends email notifications. Prerequisite for sending mails using One Identity Manager Service is SMTP host configuration.

Default report server

Server on which reports are generated.

Related topics

Overview of machine roles

To display information about machine roles

  • In the Designer, select the Base data > Installation > Machine roles category.

Installation packages to be installed on the Job server are found depending on the selected machine role.

Table 93: Machine role and installation package options
Machine role Description of the installation package

Database Agent

Contains the DatabaseAgentServiceCmd.exe program for running the Database Agent Service from the command line.

Documentation

Contains One Identity Manager documentation in different languages.

SCIM Provider

Contains the SCIM Plugin for the API Server

Server

Contains all the basic components for setting up a server.

Server | Job Server

Contains the One Identity Manager Service and basic processing components. Additional machine roles contain connectors for synchronizing individual target systems.

Server | Job Server | Configuration tool

Contain configuration tool for the One Identity Manager Service.

Server | Web

Contains all the basic components for setting up a web server.

Server | Web | Application Server

Contains the components for setting up an application server. The machine roles Search Service and Search Indexing Service are required for indexing the full text search. These machine roles are always used together.

Server | Web | Business API Server

Contains the components for setting up an API Server.

Server | Web | Manager Web Application

Contains the tools for installing and configuring the Manager on a web server.

Server | Web| End User Web Application

Contains the tools for installing and configuring the Web Portal on a web server.

Workstation

Contains all basic components for installing tools on an administrative workstation.

Workstation | Administration

Contains administration tools required by default users for fulfilling their tasks with One Identity Manager. In addition to the tools that ensure basic functionality for working with One Identity Manager, the administration machine role includes the Manager as a main administration tool.

Workstation | Command line administration tools

Contains various command line programs.

Workstation | Configuration

Contains all tools for the default user and additional programs required to configure the system. For example, these include the Configuration Wizard, Database Compiler, Database Transporter, Crypto Configuration, Designer, Web Designer, and configuration tools for the One Identity Manager Service.

Workstation | Development and Testing

Contains the tools to develop and test custom scripts, such as the System Debugger.

Workstation | Monitoring

Contains programs for monitoring the system status, for example the Job Queue Info program.

Related topics

Job server statistics

This Job server statistical data is evaluated and creates a basis for configuration recommendations for Job server load intervals. The data for the last 100 days is included in the calculation of the configuration recommendations. You should take these configuration suggestions into account when configuring the One Identity Manager Service.

To calculate statistics

  • In the Designer, set the Common | JobQueueStats configuration parameter. If the configuration parameter is enabled, the One Identity Manager Service statistics are written to the JobQueueStats table.

  • In the Designer, set the Common | JobQueueStats | MaxAge configuration parameter and enter the retention period for the statistics in days.

For every action in the Job queue, such as inserting, changing, or deleting processes, new statistic entries are created for the Job server. The DBQueue Processor task QBMJobQueueStatsShrink compresses the statistics. The compression takes place for every hour prior to the current hour.

To display Job server statistics

  1. In the Designer, select the Base Data > Installation > Job server category.

  2. Start the Job Server Editor using the Edit Job server task.

  3. Select the Job server to be edited in the Job server overview.

  4. Use the Select columns context menu to select the columns with statistics.

    These columns are highlighted in the color in the Job server view.

    Table 94: Columns for mapping statistics
    Column Name Meaning

    AverageLoad

    Average processes/hour

    Average number of processes per hour.

    MaxLoad

    Maximum processes/hour

    Maximum number of processes per hour.

    LoadDuration

    Recommended load interval (secs)

    Configuration suggestion for the Process request interval (StartInterval) parameter in the One Identity Manager Service configuration.

    StatisticsDuration

    Recommended statistic interval (secs)

    Configuration suggestion for the Time interval for statistics parameter (StatisticInterval) parameter in the One Identity Manager Service configuration.

Related topics
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating