• State Verified Answer
  • Locked Locked
  • Replies 8 replies
  • Subscribers 94 subscribers
  • Views 6741 views
  • Users 0 members are here
Options
Related
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Synchronization Server - Ignore manually created elements while deleting / comparing to target system?

eMiFR
over 6 years ago

Hi,

I would like to know, how I can create a scope to ignore deletion of an element, when created manually.

For example, in Manager, I created a Location, with Ident_Locality "TEST".

In Sync Server (native db connector) I defined a workflow, which reads the localities from an other database.

At the moment it is configured, that, if an element in the database does not exists (but in IAM does = my manually created element), it gets deleted on every sync.

In IAM version 6 I was able to do it with the data importer and to create a scope with sql but how could I do the same now with the new sync editor and IAM 7.1.2?

  • +1 over 6 years ago
    Hi eMiFR

    I'd recommend integrating the property ImportSource into your synchronization project and to utilize either the existing ImportSource values defined by 1IM or to extend those with your own values. In the attribute flow for your locality objects you integrate a virtual property on the source side that flows the chosen value into the ImportSource attribute of you locality objects. The scope for your project will the check for objects having the ImportSource = <your value> to determine the appropriate objects and to ignore others.

    HTH
    Carsten
  • 0 over 6 years ago

    Hi Carsten

    Thank you for the response. I just tried some things but I am not able to find the right place for implementing the scope condition. I have created a virtual property on the source side wich has a defined value "LocationSource". This value is written to the "ImportSource" attribute of my locality object. Now I tried to insert the scope: ImportSource = 'LocationSource' at two places:

     

     

     

    And also the same on the "one identity manager configuration".

     

    Nor on One Identity manager Configuration nor on Target system, the scope is doing any effect. When I start the synchronization, no objects are read from database. Did I miss something and is this even the right place for the condition?

  • 0 over 6 years ago
    The scope would apply on the 1IM side of your connector. After applying the scope you should be able to use the schema browser on the 1IM side to check if your scope is applied correctly, wich would mean all objects that have NO scope should be filtered out.
  • 0 over 6 years ago

     Hi Carsten

     

    Thank you for your response! The scope seems to work now. I put it on the 1IM side of my connector and tested it in schema browser and it is applied correctly. Also I did a simulation provisioning and the report seemed fine, no manually created objects would now be deleted. The problem I face now is, that when I want to start the sync with "Execute", I keep getting this error message in the browser log:

    Any hint, where I can find that "log from Montag"? Maybe I can then find out which error and what the actual problem is now...

  • 0 over 6 years ago
    You'll find this log in the Log / Protocol Section of the Synchronization Editor.
    : if you're reading this one - there seems to be a missing translation in there...
  • 0 over 6 years ago
    This looks like a culture setting on the machine running the projector component.
  • 0 over 6 years ago
    I was able to implement the scope and do the import without my manually created locations getting deleted. What I then found out, might be a bug. It took me now a day to figure it out: Before I created a scope on One Identity Manager side I was importing Localities with hierarchy information. This worked well, and I was able in the manager to browse the hierarchy deeper and deeper. But when I added the scope (to not delete manual created locations) the hierarchy import wont work and it imports all the locations just flat. When I removed the scope, it worked again - very strange. Maybe somebody can test it in your environment... seems to be a bug for me. Now I can choose if I want the hierarchy or the scope, but I need both :) Will wait now for a sufficient answer, and proceed with the other stuff...
  • 0 over 6 years ago

    I strongly believe your scope definition is not sufficient or you have to have a reference scope definition in addition that allows for more objects to be found to fulfill the conditions for the hierarchy.