20.4 Creating a Parameters File to Run the Data Purge Utility

When you run the Data Purge utility, you must specify the settings that allow the utility to connect to the Identity Governance server. To speed the process, you create a parameters file that contains these settings, then specify that file to initiate the utility.

For more information about using the file to run the Data Purge utility, see Purging Data from the Operations Database.

NOTE: The Data Purge utility always requests the password for the specified Identity Governance Data Administrator User Name and will accept the password for the Identity Governance OAuth (OSP) Client ID. However, for security reasons, you should not include these values in the parameters file.

  1. In a text editor, create a new parameters file in the following directory.

    • Linux: /opt/netiq/idm/apps/idgov/bin/

    • Windows: c:\netiq\idm\apps\idgov\bin

  2. Specify values for the following parameters:

    message.locale

    Locale for message prompts

    purgeall

    Purges all purgeable items from all purgeable types, exits when complete

    ar.host

    Specifies the host name or IP address of the Identity Governance server

    ar.port

    Specifies the port of the Identity Governance server

    ar.protocol

    Specifies whether Identity Governance uses http or https protocol

    ar.user.name

    Specifies a user account in Identity Governance with a Data Administrator authorization

    ar.usr.password

    Specifies the password for the Identity Governance user account

    auth.host

    Specifies the host name or IP address for the authentication server (OSP)

    auth.port

    Specifies the port of the authentication server (OSP)

    auth.protocol

    Specifies whether authentication uses http or https protocol on the authentication server (OSP)

    auth.client.id

    Specifies the name used to identify Identity Governance to the authentication server (OSP)

    For more information about the server settings, see the following sections:

    auth.client.password

    Specify the password of the auth.client.id

  3. (Optional) Specify the timeframe during which the utility searches for purgeable data:

    retention.days

    Instructs the utility to search for purgeable data with timestamps older than the specified number of days from the current date.

    retention.date

    Instructs the utility to search for purgeable data with timestamps older than the specified date and time. Use the following format: mm dd yyyy h:mm:ss AM/PM. For example,

    Sep 30, 2015 11:20:00 AM

    NOTE:The utility searches for all purgeable data older than the specified time frame with the following conditions:

    • If you specify values for both Retention days and Retention date/time, the utility uses the value for Retention days.

    • If you do not specify a value for either parameter, the utility uses the date and time when you initiate the search for purgeable data.

  4. Save and close the properties file.

  5. To run the utility, see Purging Data from the Operations Database.

Here is the content from a sample parameter file:

ar.host=10.10.10.10
ar.port=8080
ar.protocol=http
ar.user.name=jdoe
auth.host=10.10.10.10
auth.port=8080
auth.protocol=http
auth.client.id=iac
retention.days=0