立即与支持人员聊天
与支持团队交流

Identity Manager 9.3 - Operational Guide

About this guide Simulating data changes in the Manager Scheduling operations activation times Re-applying templates in the Manager Exporting data with the Manager Analyzing data and data changes Analyzing process monitoring in the Manager Schedules in One Identity Manager Mail templates in One Identity Manager Password policies in One Identity Manager Working with change labels Checking data consistency Compiling a One Identity Manager database Transporting custom changes Importing data with the Data Import Importing and exporting individual files for the software update Creating a One Identity Manager database for test or development from a database backup Initializing DBQueue Processor the after extending the server hardware Command line programs Configuration of settings for the One Identity Manager tools

Types of transport packages

You can customize the One Identity Manager schema by loading so-called transport packages. One Identity Manager recognizes the following types of transport packages that can be copied to the database depending on requirements.

Table 35: Transport package
Transport package type Description Tool used

Migration package

Migration packages are provided by for the initial database schema installation, for service pack and complete version updates. A migration package contains all the necessary tables, data types, database procedures, and the default One Identity Manager configuration.

Configuration Wizard

Hotfix package

Hotfix packages are provided to load individual corrections to the default configuration such as templates, scripts, processes, or files into the database. Multiple hotfix packages are combined into one cumulative hotfix package.

NOTE: If a hotfix package only contains changed files, load these files into the database using the Software Loader file.

Database Transporter

Software Loader

Custom configuration package

A custom configuration package is used to exchange customer specific changes between the development, test, and production system database. This transport package is created by the customer and loaded into the database.

Database Transporter

NOTE: If other configuration customizations are to be transferred to a One Identity Manager database in addition to a hotfix package, you can create a cumulative transport package to do this and, by using the Database Transporter, import the transport package into the target database.

Related topics

Basics for transporting modifications

Different methods are implemented for transporting modifications.

  • Transport of single objects is done through the object layer.

    When you import a transport package, the permissions, templates, and customizer in the target database are taken into account.

    This method is used, for example, if you use the Database Transporter program to create and import custom configuration packages that contain modifications to a system user, modifications starting from a defined date or to individual objects.

  • The transport of the entire system configuration is done through a transfer buffer.

    All relevant tables are checked when creating the transport package. The condition applied to the table, defines which objects are transported. The primary key is used to establish whether the transport entry has a GUID module and whether it is transferred to the source database transfer buffer. The transfer buffer is read and transport package is created. When importing into the target database, the contents of the transport package is transferred to the target database's transfer buffer. The information is then transferred to the target tables.

    This method is used if you use the Database Transporter program to create and import custom configuration packages that contain the complete system configuration.

  • The system configuration transport as a delta transport, identifies the differences in the configuration data between an existing configuration file and the connected database. These changes are written as insert, update, and delete operations in the new configuration file. The data is imported faster than if the system configuration is transported in its entirety.

When a transport package is imported into a One Identity Manager database, the following operations are carried out:

  • Inserting objects

    If no object was found in the destination database using the primary key or alternative key, a new object is created with this key value.

  • Updating objects

    An object found in the target database using the primary key will be updated. The update is done using the configuration buffer.

    If transporting modifies a default configuration, the default configuration is moved into the configuration buffer. You can retrieve changes from the configuration buffer and restore the default configuration in this way.

    If, during a One Identity Manager version upgrade, the default configuration is changed by a service pack, a complete version upgrade or by loading a hotfix package, a check is made to see if it has already been customized. In this case, the modified default configuration is copied to the configuration buffer. This ensures that customizations do not go missing.

  • Deleting objects

    Objects that are no longer needed are deleted. This operation is always run if the entire system configuration is transported.

Related topics

General tips for transporting changes

To exchange customizations between the development database, test database and the production database, use the Database Transporter to create transport packages. You also use the Database Transporter to import the transport packages into the target database.

Tips for creating transport packages
  • To copy individual objects into a transport package, specify the export criteria in Database Transporter. For example, you can export all changes made by a system user, changes made starting from a defined date or change labels. We recommend that you limit the custom configuration package if you are transporting individual changes.

  • You should only create a transport for the full system configuration if you want to copy all the adjustments to the system configuration from a test database into an initial production database.

  • To create transport packages with the Database Transporter, users require the Transport_Export program function.

  • The export date, the export description, database revision and the name of the export file in the source database transport history are recorded when a transport package is created with the Database Transporter.

Tips for importing transport packages
  • Test the changes in a test system before you load a transport package in a live system. Use a copy of the production database for testing.

  • You can display the contents of a transport package with the Database Transporter before you import.

  • Before importing a transport package, you can protect individual properties from being overwritten in the target database.

  • To import transport packages with the Database Transporter, users require the Transport_Import program function.

  • Start Database Transporter on an administrative workstation.

  • Depending on the type of transport, the database is set to single-user mode for the duration of the import. Close as many existing connections to the database as possible before starting the import. It is not mandatory to close the One Identity Manager Service connections. However, ensure that there are no processes running when the import is going to start.

  • When you import a transport package with schema extensions, the database is set to maintenance mode. Objects cannot be processed in the database during this time.

  • When importing a transport of the system configuration into a target database, you must also follow the Tips for importing the system configuration.

  • To import transport packages that contain system files with older file versions, users need the Common_FileRevisionDowngrade program function.

  • When you import a transport package with the Database Transporter, the import date and description, the database version, and the transport package name are recorded in the transport history of the target database.

Related topics

Protecting individual properties from being overwritten

Before importing a transport package, you can protect individual properties from being overwritten in the target database.

For example, you may want to block processing, as follows:

  • Configuration parameters and their values should not be overwritten when a test environment is transported to a production environment.

  • Server configurations should neither be overwritten in the test environment nor the production system during a transport.

NOTE: To stop properties from being edited, users require the Common_AllowPropertyLocks program function.

If certain users are allowed to lock properties for editing, you can assign the permissions to the users through permissions groups.

  • The QBM_PropertyLock permissions group is provided for non role-based login. This group owns the program function. Add the system users to the permissions groups. Administrative system users automatically obtain these permissions groups.

  • The QER_4_PropertyLock permissions group is provided for non role-based login. This group owns the program function. The permissions group is linked to the Base roles | Lock single properties application role. Add the identities to the application role.

To unlock and unlock a single property

  1. Open the object in the Designer or the Manager.

  2. Click the property name and select one of the following options from the context menu:

    • Prohibit modification: The property is locked for editing. The input field is locked and grayed-out.

    • Permit modification: The property is unlocked and available for editing.

相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级