Chat now with support
Chat with Support

Identity Manager 9.3 - Configuration Guide

About this guide One Identity Manager software architecture Customizing the One Identity Manager default configuration Customizing the One Identity Manager base configuration One Identity Manager schema basics The full-text search in One Identity Manager Localization in One Identity Manager Process orchestration in One Identity Manager
Mapping processes in One Identity Manager Setting up Job servers
The One Identity Manager Service functionality Tracking changes with process monitoring Conditional compilation using preprocessor conditions Scripts in One Identity Manager
Visual Basic .NET scripts usage Notes on using date values Tips for using PowerShell scripts Using dollar ($) notation Using base objects Calling functions Pre-scripts for use in processes and process steps Using session services Using #LD-notation Displaying messages in the user interface Referencing packages and files in scripts Script library Support for processing scripts in the Script Editor Creating and editing scripts in the Script Editor Copying scripts in the Script Editor Testing scripts in the Script Editor Testing script compilation in the Script Editor Committing and compiling script changes Overriding scripts Permissions for running scripts Editing and testing script code with the System Debugger Extended debugging in the Object Browser
One Identity Manager query language Editing the user interface
Object definitions for the user interface User interface navigation Forms for the user interface Statistics in One Identity Manager Extending the Launchpad Task definitions for the user interface Applications for configuring the user interface Icons and images for configuring the user interface Using predefined database queries
Reports in One Identity Manager Adding custom tables or columns to the One Identity Manager schema Web service integration One Identity Manager as SCIM 2.0 service provider Processing DBQueue Processor tasks Structure of the Jobservice.cfg configuration file

Configuring the DebugMailPlugin

If this plugin is enabled, email notifications generated by the One Identity Manager Service are not sent but are kept in a drop folder. The file names contain the time stamp in this case. If a mail contains HTML text, a *.html file is saved with the same name as the descriptive *.txt file with the body. Email attachments are also saved in this way. You configure the plugin in the Plugins module.

NOTE:

  • The plugin only works for processes run internally in the One Identity Manager Service.

  • If this plugin is enabled, no email notifications are sent through the One Identity Manager Service. This plugin is only used for localizing errors. It is not recommended to set this parameter in normal working conditions.

Enter the following parameter:

  • Drop folder (DropFolder)

    Directory for storing email notifications.

Related topics

Configuring the ShareInfoPlugin

This plugin is required for solving Samba shares (smb.conf) under the Linux operating system. The plugin solves UNC paths to local paths. This plugin does not required any parameters. You configure the plugin in the Plugins module.

NOTE: Install the plugin if the One Identity Manager Service runs copy actions between servers with Linux operating system.

Related topics

Configuring the RemoteConnectPlugin

For more information about configuring a remote connection, see the One Identity Manager Target System Synchronization Reference Guide.

To configure synchronization with a target system, One Identity Manager must load the data from the target system. One Identity Manager communicates directly with the target system to do this. Sometimes direct access from the workstation, on which the Synchronization Editor is installed, is not possible. For example, because of the firewall configuration or the workstation does not fulfill the necessary hardware and software requirements. If direct access is not possible from the workstation, you can set up a remote connection. Prerequisite for this is that the RemoteConnectPlugin is installed on the Job server. You configure the plugin in the Plugins module.

RemoteConnectPlugins parameters are:

  • Bind address (HttpBindAddress): IP address of the network card to use.

    Value: + - Uses all network cards.

  • Port (Port): Server port used to reach the RemoteConnectPlugin.

    Value: The RemoteConnectionPlugin uses the 2880 port by default.

    NOTE: The firewall must allow incoming TCP connections on this port.

  • Use HTTPS (UseHttps): Defines whether a secure connection (HTTPS) is used.

    Value: Enabled - Always use a secure connection in a production environment.

    The option must only be disabled if you are using a HTTPS proxy. The One Identity Manager tools (like the Synchronization Editor) always establish a secure connection via HTTPS.

  • Authentication method: Method with which incoming queries can be authenticated.

    • ADGroupAuthentication: Authentication through membership in an Active Directory group.

      Prerequisites: The remote connection server and the workstation must be in the same Active Directory domain.

      • Authentication type (HttpAuthentication): Authentication type to use.

        Permitted values: Ntlm, IntegratedWindowsAuthentication

      • Permitted Active Directory group (PermittedADGroup): Distinguished name or object SID of the Active Directory group whose members are authorized to use a remote connection.

    • SecretAuthentication: Authentication by secret value.

      • Secret (Secret): Hash value of the secret that a user must enter for authentication.

        Calculate the hash value with your preferred external hash value calculator and accept this value. Enter the method used to calculate the hash value at the same time.

        Syntax: [#<algorithm>(-<Format>)]<hash value>

        Example: [#SHA512]<HexSHA512Hash>

Configuring the DatabaseAgentPlugin

This One Identity Manager Service plugin deploys the Database Agent Service. The Database Agent Service controls processing of DBQueue Processor tasks. The plugin should be configured on the Job server that performs the Update server server function. An administrative user must be used for the database connection in the Job provider. You configure the plugin in the Plugins module.

Enter the following parameter:

  • Job provider IDs (ProviderIDs)

    IDs of the Job providers to be used. Enter a list of Job provider names separated by the pipe symbol (|). If this is empty the first Job provider is used. If * is specified, all Job providers are used.

Alternatively, the Database Agent Service can be run from the DatabaseAgentServiceCmd.exe command line program. For more information, see the One Identity Manager Operational Guide.

Related topics
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating