Identity Reporting needs a Report Administrator and at least one data source. You assign the administrator authorization in Identity Governance. In general, your data source is the Identity Governance database.
To prepare Identity Reporting for daily use, you need to complete the following activities:
You should also update to the latest version of the Identity Governance reports. For more information, see Step 3.
To verify installation and to initialize the Identity Reporting database, you must start the application server.
Log in to the application server that hosts Identity Reporting.
(Conditional) If this is the first time for starting Identity Reporting, complete the following steps:
Delete all files and folders in the following directories for your application server:
Linux: Temporary directory, located by default in
/opt/netiq/idm/apps/tomcat/temp
Catalina directory, located by default in /opt/netiq/idm/apps/tomcat/work/Catalina
Windows: Temporary directory, located by default in:
C:\netiq\idm\apps\tomcat\temp
Catalina directory, located by default in C:\netiq\idm\apps\tomcat\work\Catalina
Delete all log files from the logs directory of your application server, located by default in: .
Linux: /opt/netiq/idm/apps/tomcat/logs
Windows: C:\netiq\idm\apps\tomcat\logs
Start Tomcat. For examples, see Stopping, Starting, and Restarting Tomcat.
(Conditional) To observe the initialization process in Tomcat, enter the following command:
tail -f path_to_Tomcat_folder/logs/catalina.out
When the process completes, the file contains the following message:
Server startup in nnnn msTo log in to Identity Reporting, you need an account with the Report Administrator authorization.
For more information, see Assigning the Report Administrator Authorization.
To log in to Identity Reporting, your account must have the Report Administrator authorization in Identity Governance.
Log in to Identity Governance as the Global Administrator.
Select Administration > Authorization Assignments.
Assign users or groups to the Report Administrator authorization.
Save the change.
Select Identity Manager System Connection Information.
For Identity Manager URL, specify the URL for Identity Reporting.
For example, http://myserver.mydomain.com:8080/IDMRPT.
Save the change, then refresh the browser to see the change.
As a Report Administrator, you can access Identity Reporting from the Identity Governance interface. You can also log in directly from the Identity Reporting URL. Only accounts with the Report Administrator authorization should be able to log in to Identity Reporting.
To verify that you can access Identity Reporting from Identity Governance, complete the following steps:
Log in to Identity Reporting, select Home in the upper right corner.
Select the Reporting module icon near your user name.
Verify that you are redirected to Identity Reporting.
To verify that other authorizations are denied access to Identity Reporting, complete the following steps:
Log in to Identity Governance, as a Global Administrator or Security Officer.
Remove the Report Administrator authorization from the account that successfully logged in to Identity Reporting.
Log in to Identity Reporting with that account, which no longer has the authorization.
You should attempt the log in from both Identity Governance and the reporting URL.
Verify you cannot access Identity Reporting.
You can also attempt to log in to Identity Reporting by using a Global Administrator or Security Officer account to verify that accounts with high-level privileges cannot access Identity Reporting without the Report Administrator authorization.
Identity Reporting runs reports against your connected data sources. Before you can run reports, you need to add the data sources.
NOTE:You must add the Identity Governance igops database as a data source in Identity Reporting.
Log in to Identity Reporting as the Report Administrator.
Select Data Sources.
Select Add.
Specify whether you want to select from the list of data sources or provide the details for the source.
(Conditional) If you selected Provide database details, specify the values for the data source. For example, database platform, the host name or IP address of the database server, and include the following settings:
Specifies the name of the database. For example, to add the Identity Governance database, specify igops for PostgreSQL and orcl or whatever name you gave the Oracle database.
Specifies an account that can access the tables and views in the database. For example, when adding the Identity Governance database, specify igrptuser.
(Optional) Test the connection to your data source.
Select Save.
Clean up the Tomcat folders as described in Step 2.
You might need to restart Tomcat.
Run a test report to verify functionality in Identity Reporting.
For more information about running reports, see Running Identity Governance Reports.