Identity Governance and Identity Reporting databases run on Microsoft SQL Server, Oracle, and PostgreSQL platforms. You can have the installation program to do most of the work for building the databases, schemas, tables, and views for each component. For more information, see the following sections:
This section assumes that you intend to use Identity Reporting with Identity Governance in an environment without Identity Manager. For more information about installing and using Identity Reporting in an Identity Manager environment, see:
Identity Governance uses four databases: operations, data collection, workflow, and analytics. By default, these databases are igops, igdcs, igwf, and igara, respectively. You can establish these databases in the following ways:
Have the installation program create the databases, including all schemas, tables, and views.
Create the databases before installation. The databases cannot contain any data or tables before installation. They can include the user schemas. The Identity Governance installation program then creates the tables, views, and artifacts in the databases. During installation, ensure that you specify the correct names of your databases.
IMPORTANT:
For Oracle, you must create the database (SID) before installation, and the installation program can create the schemas, tables, and views for you. Alternatively, you can add the schemas to the database before installing Identity Governance.
For Oracle, Identity Governance supports Pluggable and Container type databases. If you use a Container type database, you must prepend C## to the common user name. Identity Governance requires a common user to function, so the user name must start with C##.
Have the installation program generate a SQL file instead of creating schemas, tables, views, and artifacts in the databases. The installation program generates a SQL file for each schema, which your database administrator can run to update the database for Identity Governance. You might use this method if you do not have the credentials for the database administrator.
Ensure that the database runs in the same subnetwork as your Identity Governance server.
Set up schemas and users for the databases, then you can initialize (or reset) the database with the following command:
Linux: Default location in /opt/netiq/idm/apps/idgov/bin
./db-init.sh -password ******Windows: Default location in c:\netiq\idm\apps\idgov\bin
db-init.bat -password ******The command uses Liquibase commands to initialize the database.
Next, you must import (or re-import) the global configuration for Identity Governance to the database.
PostgreSQL: Use the following command:
"/opt/netiq/idm/apps/jre/bin/java" -Djava.util.logging.config.file="/opt/ netiq/idm/apps/idgov/conf/logging.properties" -Djava.security.egd=file:/// dev/urandom -Dcom.netiq.ism.config="/opt/netiq/idm/apps/idgov/conf/ unused.props" -classpath "/opt/netiq/idm/apps/idgov/lib/igconfigutil.jar":"/opt/netiq/idm/apps/idgov/lib/ojdbc.jar" com.netiq.iac.config.util.IacConfigUtil -dbDriver oracle.jdbc.OracleDriver -dbUser %igops-user% -dbPassword %password% -dbUrl "jdbc:oracle:thin:@%oracle-server%:%port%/%sid%" -script "/opt/netiq/idm/ apps/idgov/scripts/all-import-configs.script"
Oracle: Use the following command:
"/opt/netiq/idm/apps/jre/bin/java" -Djava.util.logging.config.file="/opt/ netiq/idm/apps/idgov/conf/logging.properties" -Djava.security.egd=file:/// dev/urandom -Dcom.netiq.ism.config="/opt/netiq/idm/apps/idgov/conf/ unused.props" -classpath "/opt/netiq/idm/apps/idgov/lib/igconfigutil.jar":"/opt/netiq/idm/apps/idgov/lib/ojdbc.jar" com.netiq.iac.config.util.IacConfigUtil -dbDriver oracle.jdbc.OracleDriver -dbUser %igops-user% -dbPassword %password% -dbUrl "jdbc:oracle:thin:@%oracle-server%:%port%/%sid%" -script "/opt/netiq/idm/ apps/idgov/scripts/all-import-configs.script"
NOTE:This commands contains the default installation path of /opt/netiq/idm/apps.
MS SQL: Use the following commands:
"/opt/netiq/idm/apps/jre/bin/java" -Djava.util.logging.config.file="/opt/ netiq/idm/apps/idgov/conf/logging.properties" -Dcom.netiq.ism.config="/ opt/netiq/idm/apps/idgov/conf/unused.props" -classpath "/opt/netiq/idm/ apps/idgov/lib/ig-configutil.jar":"/opt/netiq/idm/apps/idgov/lib/ msjdbc.jar" com.netiq.iac.config.util.IacConfigUtil -dbDriver com.microsoft.sqlserver.jdbc.SQLServerDriver -dbUser igops -dbPassword %igops-password% -dbUrl "jdbc:sqlserver:// %server%:%port%;databaseName=igops" -script "/opt/netiq/idm/apps/idgov/ scripts/all-import-configs.script"
For more information about preparing and configuring the databases, see the following sections:
Identity Reporting uses one database. It is important that you allow the installation program for Identity Governance to create the schema, tables, and views for the PostgreSQL database. For Oracle, you must create the database (SID) in AL32UTF-8 (Unicode UTF-8 Universal character set) before installing Identity Reporting.
The Identity Reporting database must run in the same subnetwork as your Identity Governance server. You can establish the Identity Reporting database in the same way as you do for the Identity Governance database. For more information, see Understanding the Identity Governance Databases.