Identity Reporting requires the following drivers:
Identity Manager Managed System Gateway Driver
Identity Manager Driver for Data Collection Service
This process includes the following activities:
For more information about installing and configuring these drivers, see Configuring Drivers for Identity Reporting.
You must deploy the two drivers for Identity Reporting.
Open your project in Designer.
In theor view, right-click the driver set that you want to deploy.
Specify the Identity Vault credentials for the selected driver.
Before you start the Managed System Gateway Driver and the Data Collection Service Driver, you should confirm that the underlying managed systems are properly configured. This process helps you isolate problems with your environment that do not relate to the configuration of the reporting drivers.
To troubleshoot your Active Directory environment, for example, you might want to test an Active Directory entitlement by assigning a resource in the User Application.
NOTE:For more information about the Active Directory driver, see the NetIQ Identity Manager Driver for Active Directory Implementation Guide.
The following steps demonstrate one way to confirm that Active Directory is properly configured:
Ensure that the User Application and Identity Reporting are both running on the same server.
In iManager, verify that the User Application Driver and the Role and Resource Service Driver are running, then ensure that the driver for the managed system is running.
To verify that the User Application can retrieve information from Active Directory, log in to the User Application as a User Application Administrator.
In the Resource Catalog, create a new resource for Active Directory accounts:
Bind the resource to an entitlement within the Active Directory Driver, such as.
The User Application can retrieve the entitlement from the driver.
Because this particular resource pertains to accounts, configure the resource to assign an account value.
Select the account value, and then click.
Create another resource that assigns groups.
Bind the resource to an entitlement that is suitable for groups. For this particular resource, map to the.
Configure this resource so that the user assigns the entitlement value at request time, and allow the user to select multiple values for a single assignment request.
Verify that the entitlements were created successfully.
At this point, you can see that the underlying architecture for the managed system (in this case, Active Directory) is functioning properly. This can help you to troubleshoot any problems that might arise later on.
This section provides instructions for starting the Managed System Gateway Driver and the Data Collection Service Driver.
Right-click the Managed System Gateway Driver, and then click.
Right-click the Data Collection Service Driver, and then click.
After the drivers have started, verify that the console displays additional information in the server console. For example:
Log in to Identity Reporting as a Reporting Administrator.
In the navigation pane on the left, click.
Verify that thesection reports that an Identity Vault has been configured.
In the navigation pane, click.
Verify that the Identity Vault page provides details about the Data Collection Service Driver and the Managed System Gateway Driver. The Managed System Gateway Driver status should indicate that the driver has been initialized.
At this point, you can look at the contents of the Identity Information Warehouse to learn more about the rich data that is stored about the Identity Vault, as well as the managed systems in your enterprise.
To see the data in the Identity Information Warehouse, use a database administration tool such as PGAdmin for PostgreSQL to look at the contents of the SIEM database. When you look at the SIEM database, you should see the following schemas:
Contains reporting configuration data, such as report definitions and schedules. The installation program for Identity Reporting adds this schema to the database.
Contains information collected by the Managed System Gateway Driver and the Data Collection Service Driver. The installation program for Identity Reporting adds this schema to the database.
To view data collected by the drivers, expand.
Verify that a single row was added to this table for the new Data Collection Service Driver:
Verify that the data for this table shows the name of the Identity Vault:
If you see the new row in this table, the driver registration process was successful.