For more information about tracking and logging changes in One Identity Manager, see the One Identity Manager Configuration Guide.
Initially, all changes made to data in One Identity Manager are saved in the One Identity Manager database. You must ensure that log entries are regularly removed from the One Identity Manager database and archived in a One Identity Manager History Database. In this way, the History Database provides an archive of change information. Statistical analyses are carried out in the History Database that simplify how trends and flows are presented. Historical data is evaluated using the TimeTrace function or using reports.
NOTE: Any number of History Databases can be used for analyzing historical data in the TimeTrace and in reports. History Databases in the current format are supported, and History Databases in older formats are supported in read-only mode.
Logged data may be subject to further regulations such as statutory retention periods. It is recommended to operate History Databases that correspond to the report periods. After a specified reporting period has expired, you can set up a new History Database.
Depending on the volume of the One Identity Manager database data and the frequency at which it is changed, it might be necessary to create further History Databases at certain intervals (such as yearly, quarterly, or monthly). The proportion of historical data to total volume of a One Identity Manager database should not exceed 25 percent. Otherwise performance problems may arise.
Setting up a History Database requires the following steps:
- Installing the History Database
- Declaring a History Database in the One Identity Manager database
- Setting up the archiving method
Installation of a History Database is similar to that of a One Identity Manager database. For more information about the system prerequisites and how to install a database, see the One Identity Manager Installation Guide.
Use the Configuration Wizard to set up the History Database. Alternatively, you can create the History Database using the Quantum.MigratorCmd.exe command line program.
IMPORTANT: Always start the Configuration Wizard on an administrative workstation.
To install a History Database with the Configuration Wizard
- Start the Configuration Wizard.
- On the Configuration Wizard's home page, select the Create and install database option and click Next.
- To install a new database, enter the following database connection data on the Create administrative connection page.
  - Server: Database server.
  - (Optional) Windows Authentication: Specifies whether the integrated Windows authentication is used. This type of authentication is not recommended. If you decide to use it anyway, ensure that your environment supports Windows authentication.
  - User: SQL login name of the installation user.
  - Password: Password for the installation user.
  - Encrypt communication: Specifies whether encryption is required for exchanging data between the client and server. Select the minimum encryption level. The encryption level that is actually used depends on the database server configuration. For more information, see the documentation from Microsoft.
    Permitted values are:
    - Optional: Communication is not encrypted.
    - Mandatory: Data exchange is encrypted. The Trust server certificate option allows you to also specify whether to verify the server certificate.
    - Strict (SQL Server 2022 and Azure SQL): The data exchange is encrypted. The server certificate is always verified.
  - Trust server certificate: If this option is enabled, the data exchange between the client and server is encrypted. However, the server certificate is not verified.
  - OR -
  To use an existing empty database, on the Create administrative connection page, select the Use an existing, empty database for installation option and enter the database connection information.
  - Server: Database server.
  - (Optional) Windows Authentication: Specifies whether the integrated Windows authentication is used. This type of authentication is not recommended. If you decide to use it anyway, ensure that your environment supports Windows authentication.
  - User: SQL login name of the installation user.
  - Password: Password for the installation user.
  - Database: List of possible databases on the database server. Select the database.
  - Encrypt communication: Specifies whether encryption is required for exchanging data between the client and server. Select the minimum encryption level. The encryption level that is actually used depends on the database server configuration. For more information, see the documentation from Microsoft.
    Permitted values are:
    - Optional: Communication is not encrypted.
    - Mandatory: Data exchange is encrypted. The Trust server certificate option allows you to also specify whether to verify the server certificate.
    - Strict (SQL Server 2022 and Azure SQL): The data exchange is encrypted. The server certificate is always verified.
  - Trust server certificate: If this option is enabled, the data exchange between the client and server is encrypted. However, the server certificate is not verified.
  TIP: To configure additional connection settings, enable the Advanced option.
- If you are creating a new database, perform the following tasks on the Create database page.
  - In the Database properties view, enter the following information about the database.
    Table 1: Database properties
    - Database name: Name of the database.
    - Data directory: Directory in which the data file is created. You have the following options:
      - <default>: The database server’s default directory.
      - <browse>: Select a directory using the file browser.
      - <directory name>: Directory in which data files are already installed.
    - Log directory: Directory in which the transaction log file is created. You have the following options:
      - <default>: The database server’s default directory.
      - <browse>: Select a directory using the file browser.
      - <directory name>: Directory in which transaction log files are already installed.
    - Memory tables directory: Directory for the data file group and the database file for memory-optimized tables. You have the following options:
      - <default>: The database server’s default directory.
      - <browse>: Select a directory using the file browser.
      - No memory-optimized file group (only History Database): No directory is created for the data file group and the database file for memory-optimized tables. This setting is only allowed for installing a History Database.
      - <Directory name>: Directory in which data files for memory-optimized tables are already installed.
    - Initial size: Initial size of the database files. You have the following options:
      - <Default>: Default entry for the database server.
      - <custom>: User-defined entry.
      - Different recommended sizes: Depending on the number of identities being administrated.
  - In the Installation source pane, select the directory with the installation files.
  - OR -
  If you are using an existing database, on the Create database page, Installation source view, select the directory containing the installation files.
- On the Select configuration modules page, select the Data archiving configuration module.
- The installation steps are shown on the Processing database page.
  Installation and configuration of the database are automatically carried out by the Configuration Wizard. This procedure may take some time depending on system performance. Once processing is complete, click Next.
  TIP: Enable the Advanced option to obtain detailed information about processing steps and the migration log.
- On the last page of the Configuration Wizard, click Finish.
Additional configuration steps are required after the schema installation:
You can create the History Database using the Quantum.MigratorCmd.exe command line program. For more information about the Quantum.MigratorCmd.exe command line program, see the One Identity Manager Operational Guide.
Example: Installation of a History Database using the command line program Quantum.MigratorCmd.exe
quantum.migratorcmd.exe
/connection="Data Source=<Database server>;Initial Catalog=<Database>;User ID=<Database user>;Password=<Password>"
--Install
/Module="HDB"
/System=MSSQL
/LogLevel=Info
/Destination=<source folder>
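The following added example (not part of the One Identity documentation or product) checks connection strings of the form used in the command above against the Encrypt communication levels described for the Configuration Wizard. It assumes the string carries the Microsoft.Data.SqlClient keywords Encrypt and TrustServerCertificate; the helper names, server name, database name, and logins are constructed for illustration.

```python
import re

# Added example (not One Identity code). Assumption: the connection string uses the
# Microsoft.Data.SqlClient keywords Encrypt and TrustServerCertificate.
PAIR = re.compile(r"""([^=;]+)=("(?:[^"]|"")*"|'(?:[^']|'')*'|[^;]*)""")
LEVELS = {"optional": "Optional", "false": "Optional", "no": "Optional",
          "mandatory": "Mandatory", "true": "Mandatory", "yes": "Mandatory",
          "strict": "Strict"}

def parse_connection_string(conn):
    """Return {keyword: value}; keywords are lower-cased with spaces removed.
    Quoted values may contain ';' or '=' (for example a password)."""
    result = {}
    for key, value in PAIR.findall(conn):
        value = value.strip()
        if len(value) >= 2 and value[0] == value[-1] and value[0] in "\"'":
            value = value[1:-1]
        result[key.strip().lower().replace(" ", "")] = value
    return result

def audit_connection_string(conn):
    """Hypothetical helper: return (encryption level or None, list of findings)."""
    kv = parse_connection_string(conn)
    raw = kv.get("encrypt")
    level = LEVELS.get(raw.lower()) if raw is not None else None
    findings = []
    if raw is None:
        findings.append("Encrypt not set: the level depends on the client driver default")
    elif level is None:
        findings.append(f"Encrypt has an unrecognized value: {raw!r}")
    elif level == "Optional":
        findings.append("Encrypt=Optional: communication is not encrypted")
    trust = kv.get("trustservercertificate", "").lower() in ("true", "yes")
    # Under Strict the server certificate is always verified, so the flag has no effect.
    if trust and level != "Strict":
        findings.append("TrustServerCertificate=True: server certificate is not verified")
    return level, findings

# Constructed sample strings in the format of the command line example.
BASE = "Data Source=dbserver01;Initial Catalog=HDB_2024;User ID=hdb_install;"
SAMPLES = [
    BASE + 'Password="p;Encrypt=Strict"',  # quoted ';' must not be parsed as a keyword
    BASE + "Password=example;Encrypt=Mandatory;TrustServerCertificate=True",
    BASE + "Password=example;Encrypt=Strict;TrustServerCertificate=True",
    BASE + "Password=example;Encrypt=Optional",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(audit_connection_string(sample))
```

A string with no Encrypt keyword, like the command line example above, is reported because the effective level is then left to the client driver default.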