If a system is connected to the Identity Vault with an Identity Manager driver, it is referred to as a managed system.
When you click the Settings tab, the Settings page is displayed. This page allows you to configure applications that are not connected to the Identity Vault through Identity Manager drivers. The ability to access managed systems (connected systems) is controlled through the Identity Vaults, which are configured on the Identity Vaults page.
The Settings page has the following tabs:
General Settings
Data Sync Policies
Perform the following actions to define the settings for an application:
Click Settings > General Settings and provide the following details:
| Settings | Description |
|---|---|
| Collect reporting data from connected systems | Indicates the interval, in number of days/weeks/months, at which reporting data is collected from connected systems. |
| Retain collected data | Indicates the duration, in number of days/weeks/months, for which the reporting data is retained. |
| Collect data from Identity Vaults and connected systems | Select from the drop-down menu the preferred language in which to collect the reporting data from Identity Vaults and connected systems. NOTE: NetIQ Identity Manager Reporting collects data from other systems using a single locale. Reports can be localized in many languages, but the data in them will always use one language. |
Click Save Changes.
Click Start Data Collection to begin the data collection of the selected driver or click Delete Collected Data to delete the selected data. The data collection status provides the following details:
| Field | Description |
|---|---|
| State | Indicates if the driver is active or suspended. (Read Only) |
| Last Collection | Displays the date when the data was last collected from the connected system. (Read Only) |
| Next Collection | Displays the date when the data will next be collected from the connected system. (Read Only) |

NOTE: If Reporting is installed in Standard Edition, the Managed System Gateway driver is not supported. Hence, the Data Collection option is not available.
NOTE: When you install Identity Applications with Identity Reporting, the default locale set for the User Application driver must be the same as that on the Identity Reporting server. A mismatch of locales on these two components may result in errors while collecting the reporting data from the Identity Vault and connected systems. For more information on how to set the preferred locale on the Identity Application driver, see Specifying the Default Locale in the NetIQ Identity Manager - Administrator’s Guide to Designing the Identity Applications.
To sync data, click the Settings > Data Sync Policies tab. The synced policies are listed on this page. If no policies are available, click to add a new policy.
Enter the following details:
| Server Details | Settings | Description |
|---|---|---|
| Sentinel Server Details | IP Address | The network address of the Sentinel server. |
| | Port Number | The port number of the server. The default port is 8643. |
| | Username | The username required to authenticate to the server. |
| | Password | The password required to authenticate to the server. |
| | Event Retention Period | Specify the duration for the events to persist in the database before they are deleted. The default is 90 days. |
| Database Server Details | Type | Select the type of database from the drop-down menu. NOTE: If Oracle is selected, the default user name is idm_rpt_data. |
| | IP Address | The network address of the Database server. |
| | Port Number | The port number of the Database instance. |
| | Username | The username required to authenticate to the Database instance. |
| | Password | The password required to authenticate to the Database instance. |
| | Name | A text string you use to identify the application within Identity Reporting. |
Click Show > Advanced to edit the following parameters:
Sentinel Event Table Payload Data: Contains a JSON document for creating the data synchronization table through REST APIs. The authentication information is substituted when a request is sent for creating the data synchronization table.
Sentinel Data Sync Policy Payload Data: Contains a JSON document for creating the policy on Sentinel.
NOTE: To add additional fields to the data synchronization policy, modify the JSON document in Sentinel Data Sync Policy Payload. Ensure that the changes are present in both the event table and the data synchronization policy. Otherwise, the policy creation fails.
Click Create.
This creates the sentinel_events table in your database. You need to manually add the corresponding views for the following reports:
Authentication by server
Authentication by User
Available-Permissions-Current-State
Correlated resource assignment events by user
Database-Statistics
Identity_Vault_User_Report
Identity_Vault_User_Report_Current_State
Object_Provisioning
Password_Resets
Resource_Assignments_by_Resource_Current_State
Resource_Assignments_by_Resource
Self_Password_Changes
User entitlements
User password changes event summary
User_Password_Changes_within_the_Identity_Vault
User_Status_Changes_within_the_Identity_Vault
Access requests by recipient
Access requests by resource
Access requests by requester
To generate these reports, see Adding Views for a Data Sync Policy.
NOTE: Policies created in Identity Manager 4.6 will not appear after upgrading to Identity Manager 4.7. You need to recreate the policy after deleting the old policy from SLM.