Recently I had a need to clean up both historic and current data from the Identity Reporting Module database (also known as the Identity Information Warehouse) and start with a fresh database.

In Identity Manager v4.0.2 there is a pretty quick and painless way to do that without resorting to manual SQL scripts.

It’s based on the REST API that the Reporting Module provides. Unfortunately it seems that this API isn’t documented, at least I couldn’t find any information on it.

Here is a step-by-step guide on how to empty your Reporting Module database.

I performed the cleanup using Firefox and an extension called RESTClient.

First you need to get an Authentication token from the Reporting Module using a POST against the URL /IDMRPT-AUTH/auth/tokens with a Basic Authorization header, see the screenshot below.


You will get back a JSON response, you need the TokenDigest value. Copy it.

The next step is to issue a command to clean up the database. To be able to do that you need to stop the data collection in the Reporting Module web interface.

Login to your Reporting Module and navigate to the Identity Vault Data Sources page.

Make sure that the Managed System Gateway Driver is suspended and deselect the “Enable event collection” checkbox.


Next, return to Firefox and RESTClient.

Now we will send a DELETE to the /IDMRPT-CORE/rpt/collectors/data URL using our authentication token that we store in a header called Authorization with the type X-OPAQUE, see the screenshot below.


Check your Reporting Module log for indication that the cleanup has been performed. For example this can be seen in server.log for my Reporting Module that is running on JBoss:

2014-06-04 14:03:25,208 INFO  [STDOUT] (http- INFO  [RPT] [com.novell.idm.rpt.core.server.logging.naudit.LogEvent:logDatCollectionEvent] [Data_Cleanup_Requested] Initiated by cn=uaadmin,o=system; Data Collector UUID ALL

Perform a check using your favorite SQL-browser or use pgAdmin that comes with the Reporting Module to make sure that the database is empty.



1 vote, average: 5.00 out of 51 vote, average: 5.00 out of 51 vote, average: 5.00 out of 51 vote, average: 5.00 out of 51 vote, average: 5.00 out of 5 (1 votes, average: 5.00 out of 5)
You need to be a registered member to rate this post.

Disclaimer: As with everything else at NetIQ Cool Solutions, this content is definitely not supported by NetIQ, so Customer Support will not be able to help you if it has any adverse effect on your environment.  It just worked for at least one person, and perhaps it will be useful for you too.  Be sure to test in a non-production environment.

Leave a Reply

No Comments
Jun 11, 2014
11:56 am
Active Directory Authentication Automation Cloud Computing Cloud Security Configuration Customizing Data Breach DirXML Drivers End User Management Identity Manager Importing-Exporting / ICE/ LDIF Intelligent Workload Management IT Security Knowledge Depot LDAP Monitoring Open Enterprise Server Passwords Reporting Secure Access Supported Troubleshooting Workflow