SQL DSI synchronization project has missing security principals
说明
After adding a SQL server for a DSI (Database Systems Integration) synchronization project, the users and roles are not showing up after performing a synchronization.
原因
Incorrect configuration of the synchronization project.
解决办法
Setup the synchronization project with the database level template to synchronize users and roles from an individual database.
1. Open the synchronization editor
2. Load the DSI synchronization project
3. Navigate to "One Identity Manager Connection"
4. Edit the scope for each schema type listed below:
UNSRootB
CanonicalName = '$CP_initial_catalog$@$CP_data_source$' and UID_DPRNameSpace = (Select UID_DPRNameSpace from DPRNameSpace where Ident_DPRNameSpace='$TargetSystemType$')
UNSAccountBHasUNSItemB
UID_UNSAccountB IN (Select UID_UNSAccountB from UNSAccountB where UID_UNSRootB = (Select UID_UNSRootB from UNSRootB where CanonicalName = '$CP_initial_catalog$@$CP_data_source$' and UID_DPRNameSpace = (Select UID_DPRNameSpace from DPRNameSpace where Ident_DPRNamespace='$TargetSystemType$')))
UNSAccountBInUNSGroupB
UID_UNSAccountB IN (Select UID_UNSAccountB from UNSAccountB where UID_UNSRootB = (Select UID_UNSRootB from UNSRootB where CanonicalName = '$CP_initial_catalog$@$CP_data_source$' and UID_DPRNameSpace = (Select UID_DPRNameSpace from DPRNameSpace where Ident_DPRNamespace='$TargetSystemType$')))
UNSGroupBINUNSGroupB
UID_UNSGroupBParent IN (Select UID_UNSGroupB from UNSGroupB where UID_UNSRootB = (Select UID_UNSRootB from UNSRootB where CanonicalName= '$CP_initial_catalog$@$CP_data_source$' and UID_DPRNameSpace = (Select UID_DPRNameSpace from DPRNameSpace where Ident_DPRNamespace='$TargetSystemType$')))