Identity Governance and Identity Reporting databases run on Microsoft SQL Server, Oracle, and PostgreSQL databases. You can have the installation program do most of the work for building the databases, schemas, tables, and views for each component.
This section assumes that you intend to use Identity Reporting with Identity Governance in an environment without Identity Manager. For more information about installing and using Identity Reporting in an Identity Manager environment, see:
Identity Governance uses five databases: operations, archive, data collection, workflow, and analytics. By default, Identity Governance names these databases igops, igarc, igdcs, igwf, and igara, respectively. You can establish these databases in the following ways:
Have the installation program create the databases, including all schemas, tables, and views.
Create the databases before installation. The databases cannot contain any data or tables before installation. They can include the user schemas. The Identity Governance installation program then creates the tables, views, and artifacts in the databases. During installation, ensure that you specify the correct names of your databases.
IMPORTANT:
For Oracle, you must create the database (SID) before installation, and the installation program can create the schemas, tables, and views for you. Alternatively, you can add the schemas to the database before installing Identity Governance.
For Oracle, Identity Governance supports Pluggable and Container type databases. If you use a Container type database, you must prepend C## to the common user name. Identity Governance requires a common user to function, so the user name must start with C##.
Have the installation program generate a SQL file instead of creating schemas, tables, views, and artifacts in the databases. The installation program generates a SQL file for each schema, which your database administrator can run to update the database for Identity Governance. You might use this method if your database administrator wants to review the changes that will be made to the database.
Ensure that the database runs in the same subnetwork as your Identity Governance server.
Set up the schema for your users for your specific database type. You initialize (or reset) the database with Liquibase commands. To initialize or rest the database, use the following command:
Linux: Default location in /opt/netiq/idm/apps/idgov/bin
./db-init.sh -password ******Windows: Default location in c:\netiq\idm\apps\idgov\bin
db-init.bat -password ******Next, you must import (or re-import) the global configuration for Identity Governance to the database.
PostgreSQL: Use the following command:
"/opt/netiq/idm/apps/jre/bin/java" -Djava.util.logging.config.file="/opt/netiq/idm/apps/idgov/conf/logging.properties" -Djava.security.egd=file:///dev/urandom -Dcom.netiq.ism.config="/opt/netiq/idm/apps/idgov/conf/unused.props" -classpath "/opt/netiq/idm/apps/idgov/lib/ig-configutil.jar":"/opt/netiq/idm/apps/idgov/lib/ojdbc.jar" com.netiq.iac.config.util.IacConfigUtil -dbDriver oracle.jdbc.OracleDriver -dbUser %igops-user% -dbPassword %password% -dbUrl "jdbc:oracle:thin:@%oracle-server%:%port%/%sid%" -script "/opt/netiq/idm/apps/idgov/scripts/all-import-configs.script"
Oracle: Use the following command:
"/opt/netiq/idm/apps/jre/bin/java" -Djava.util.logging.config.file="/opt/netiq/idm/apps/idgov/conf/logging.properties" -Djava.security.egd=file:///dev/urandom -Dcom.netiq.ism.config="/opt/netiq/idm/apps/idgov/conf/unused.props" -classpath "/opt/netiq/idm/apps/idgov/lib/ig-configutil.jar":"/opt/netiq/idm/apps/idgov/lib/ojdbc.jar" com.netiq.iac.config.util.IacConfigUtil -dbDriver oracle.jdbc.OracleDriver -dbUser %igops-user% -dbPassword %password% -dbUrl "jdbc:oracle:thin:@%oracle-server%:%port%/%sid%" -script "/opt/netiq/idm/apps/idgov/scripts/all-import-configs.script"
NOTE:This commands contains the default installation path of /opt/netiq/idm/apps.
MS SQL: Use the following command:
"/opt/netiq/idm/apps/jre/bin/java" -Djava.util.logging.config.file="/opt/netiq/idm/apps/idgov/conf/logging.properties" -Dcom.netiq.ism.config="/opt/netiq/idm/apps/idgov/conf/unused.props" -classpath "/opt/netiq/idm/apps/idgov/lib/ig-configutil.jar":"/opt/netiq/idm/apps/idgov/lib/msjdbc.jar" com.netiq.iac.config.util.IacConfigUtil -dbDriver com.microsoft.sqlserver.jdbc.SQLServerDriver -dbUser igops -dbPassword %igops-password% -dbUrl "jdbc:sqlserver://%server%:%port%;databaseName=igops" -script "/opt/netiq/idm/apps/idgov/scripts/all-import-configs.script"
For more information about preparing and configuring the databases, see the following sections: