Steps to clear the EAS Reporting Database on RBPM 4.0.2

  • 7016495
  • 12-May-2015
  • 12-May-2015

Environment


NetIQ Identity Manager Roles Based Provisioning Module 4.0.2

Situation

Need to clear the RBPM Reporting database.

Resolution

Steps to clear the EAS Reporting Database on RBPM 4.0.2 without HPD:

I. Stop the DCS and MSGW drivers
  A) Open a new browser and login to iManager
    1) For example: https://myserver.novell.com:8443/nps/iManager.html
  B) Go to Identity Manager Administration -> Identity Manager Overview
    1) With [root] in the "Search in" field press the blue arrow to start the search
      a) If you have a big tree change the value of the container to where your driver set is located to avoid long delays in this page
    2) On the Driver Sets tab select the driver set where the DCS and MSGW drivers are running
    3) On the Driver Set Overview Page -> Overview tab
      a) Right-click in the Green circle on the DCS driver and select Stop driver
      b) Right-click in the Green circle on the DCS driver and select Edit properties
        1. On the Identity Manager Tab, select Driver Configuration
          (a) Scroll down to the Startup Options section
            (1) Select the radio button next to "Disabled"
        2. Press the OK button
      c) Repeat steps 3)a) and 3)b) for the MSGW Driver
  C) Logout of iManager
  D) Close the browser
 
II. Suspend Data Collection in the Reporting Module
  A) Open a new browser and login to the Reporting Module
    1) For Example: https://myserver.novell.com:8180/IDMRPT
  B) Select Identity Vaults from the left-hand navigation
    1) Under Data Collection Service Driver
      a) Uncheck the checkbox next to "Enable event collection"
    2) Under the Managed System Gateway Driver
      a) Press the stop button in the Collection state area
    3) Press the Save button
      a) You should receive the following message
        1. Your settings were saved successfully.
  C) Select Applications from the left-hand navigation
    1) If there are any Non-Managed Applications defined then they must be suspended
      a) Press the stop button in the Application state section
      b) Repeat 1.a) as necessary
    2) Press the Save button
      a) You should receive the following message
        1. Your settings were saved successfully.
  D) Logout of the Reporting Module
  E) Close the browser
 
III. Issue the clean-up/purge via REST
  A) Get the Authorization Token from the Reporting Module (Doc section 13.3). That can be done using a Browser tool like Poster (Firefox) or Advanced REST Client (Chrome)
    1) URL: https://myserver.novell.com:8180/IDMRPT-AUTH/auth/tokens
    2) Method/Action: POST
    3) Headers
      a) Name: Accept
        Value: application/json
      b) Name: Authorization
        Value: BASIC (b64string in the format cn:password)
          1. For example:  BASIC dXNlcm5hbWU6cGFzc3dvcmQ=
    4) Press the Execute / Send Request button
    5) You should receive back a status "201 Created", along with the token itself.
  B) Issue the database clear request using a Browser tool like Poster (Firefox) or Advanced REST Client (Chrome)
    1) URL: https://myserver.novell.com:8180/IDMRPT-CORE/rpt/collectors/data
    2) Method/Action: DELETE
    3) Headers
      a) Name: Authorization
          Value: X-OPAQUE NOVELLIDMRPT:%Token-value-from-above%
            1. For example: NOVELLIDMRPT:36a19334-c6b6-440c-9641-4f8ba4dce1f7:1357688715628
      b) Name: TS-URL
          Value: https://myserver.novell.com:8180/IDMRPT-AUTH/auth/tokens
      c) Name: Content-Type
          Value: application/json
    4) Press the Execute / Send Request button
    5) You should receive back a status 200 OK
    6) In the server.log you will see a message similar to
      INFO [RPT] [com.novell.idm.rpt.core.server.logging.naudit.LogEvent:logDatCollectionEvent]
      [Data_Cleanup_Requested] Initiated by cn=uaadmin,ou=sa,o=data; Data Collector UUID ALL


IV. Wait until the table idm_rpt_data.idmrpt_identity has 0 records. This may take a few minutes.
    A) One way to check the table's contents is to issue the SQL request:
       SELECT count(*) FROM idm_rpt_data.idmrpt_identity;
       You should have 0 records left after cleanup. IF count equal to 0 continue to step V

V. Start DCS and MSGW Drivers
  A) Open a new browser and login to iManager
    1) For example: https://myserver.novell.com:8443/nps/iManager.html
  B) Go to Identity Manager Administration -> Identity Manager Overview
    1) With [root] in the "Search in" field press the blue arrow to start the search
      a) If you have a big tree change the value of the container to where your driver set is located to avoid long delays in this page
    2) On the Driver Sets tab select the driver set where the DCS and MSGW drivers are running
    3) On the Driver Set Overview Page -> Overview tab
      a) Right-click in the Red circle on the DCS driver and select Edit Properties
        1. On the Identity Manager Tab, select Driver Configuration
          (a) Scroll down to the Startup Options section
            (1) Select the radio button next to "Auto Start"
        2. Press the OK button
      b) Right-click in the Red circle on the DCS driver and select Start driver
      c) Repeat steps 3)a) and 3)b) for the MSGW Driver
  C) Logout of iManager
  D) Close the browser
 
VI. Enable Data Collection in the Reporting Module
  A) Open a new browser and login to the Reporting Module
    1) For Example: https://myserver.novell.com:8180/IDMRPT
  B) Select Identity Vaults from the left-hand navigation
    1) Under Data Collection Service Driver
      a) Make sure checkbox next to "Enable event collection" is checked. If not, select it.
    2) Under the Managed System Gateway Driver
      a) Press the start button in the Collection state
    3) Press the Save button
      a) You should receive the following message
        1. Your settings were saved successfully.
  C) Select Applications from the left-hand navigation
    1) If there are any Non-Managed Applications defined then they must be enabled
      a) Press the start button in the Application state section
      b) Repeat 1.a) as necessary
    2) Press the Save button
      a) You should receive the following message
        1. Your settings were saved successfully.
  D) Logout of the Reporting Module
  E) Close the browser
 
VII. Perform Migrate from the Identity Vault in the DCS Driver
 
VIII. Perform Data Collection

Steps to clear the EAS Reporting Database on RBPM 4.0.2 after HPD is installed:

I. Stop the DCS and MSGW drivers
  A) Open a new browser and login to iManager
    1) For example: https://myserver.novell.com:8443/nps/iManager.html
  B) Go to Identity Manager Administration -> Identity Manager Overview
    1) With [root] in the "Search in" field press the blue arrow to start the search
      a) If you have a big tree change the value of the container to where your driver set is located to avoid long delays in this page
    2) On the Driver Sets tab select the driver set where the DCS and MSGW drivers are running
    3) On the Driver Set Overview Page -> Overview tab
      a) Right-click in the Green circle on the DCS driver and select Stop driver
      b) Right-click in the Green circle on the DCS driver and select Edit properties
        1. On the Identity Manager Tab, select Driver Configuration
          (a) Scroll down to the Startup Options section
            (1) Select the radio button next to "Disabled"
        2. Press the OK button
      c) Repeat steps 3)a) and 3)b) for the MSGW Driver
  C) Logout of iManager
  D) Close the browser
 
II. Suspend Data Collection in the Reporting Module
  A) Open a new browser and login to the Reporting Module
    1) For Example: https://myserver.novell.com:8180/IDMRPT
  B) Select Identity Vaults from the left-hand navigation
    1) Under Data Collection Service Driver
      a) Uncheck the checkbox next to "Enable event collection"
    2) Under the Managed System Gateway Driver
      a) Press the stop button in the Collection state area
    3) Press the Save button
      a) You should receive the following message
        1. Your settings were saved successfully.
  C) Select Applications from the left-hand navigation
    1) If there are any Non-Managed Applications defined then they must be suspended
      a) Press the stop button in the Application state section
      b) Repeat 1.a) as necessary
    2) Press the Save button
      a) You should receive the following message
        1. Your settings were saved successfully.
  D) Logout of the Reporting Module
  E) Close the browser
 
III. Issue the clean-up/purge via REST
  A) Get the Authorization Token from the OSP module. That can be done using a Browser tool like Poster (Firefox) or Advanced REST Client (Chrome)
    1) URL: https://myserver.novell.com:8180/osp/a/idm/auth/oauth2/grant
    2) Method/Action: POST
    3) Headers
      a) Name: Content-Type
        Value: application/x-www-form-urlencoded
      b) Name: Authorization
        Value: BASIC (b64string in the format cn:password, using the SSO parameters from the DCS driver)
          1. For example: BASIC ZGNzZHJ2OmRyaXZlcgAA
    4) Body content: grant_type=password&username=<FDN in URLencode format>&password=<password>
          1. For example: grant_type=password&username=cn%3Duaadmin%2Cou%3Dsa%2Co%3Ddata&password=novell
    5) Press the Execute / Send Request button
    6) You should receive back a status "200 Success", along with the token itself.
          1. Sample response from a lab:
==============
Server: Apache-Coyote/1.1
X-Powered-By: Servlet 2.5; JBoss-5.0/JBossWeb-2.1
OIDPForwardResponseStatus: SUCCESS_OK
Set-Cookie: OIDPSESSION59303D34382C2D310=200-0T7TAQJHXKWWQWPPYAPWMYIU/C5ZKNOXNVM9HP4/-132EC-6DCE!1!6DCF!120!127!MtvPwoRSWBNhKhj5DibVO1fzP3BbngRLqYoOb6qUEq0~!e1qMf3UZTzJGrc3+KS3MShZ7mWe/Wk6EVDgXzGutXuAXP9tU0b2wHwTq02AQi52e1l+iRkOFo3YqWWfdscuQ/FFDKFVOkwg6UmDYFuDyAcWffURzzPbiP7oIke1O78l85GY80kUQyilDYykdFFFRWf2mK4XqCv7AGpkHneauIuQRkORdAcJQYnvbEBnvWwBxvLhDK17NuReNMHzazL/8YFWotSieC8s/3xrdT7/ni85iv8i/GE1hTaGdVgYuNFJjq1E7++ZSf3k/jeItR1FccvDrcuH7tUs0g4H7iN7ITfpiUcfyLFhnb5q5osS+aN3RLb2TxW7ET5o4/Ke6mfMROw~~; Domain=151.155.213.251; Path=/
Content-Type: application/json
Transfer-Encoding: chunked
Date: Wed, 02 Apr 2014 10:05:28 GMT

236
{
"access_token":"eHwAIEb42ZjiO4qTQM1G1sRshoy3SfaiGnSl6RCEdAxkyGYwVplLjetsKo6ComvKgOpF8N@mHf9hv3VuSxEOjiDjQdeiUv@RiERfa8qiOoZxtF1w9gf8ceVDfxGBAAWpDpCeS9NeYEM4nyoHT6QxgZQIzD4f5fAr@yOsyHTu5A@10HwNO8bIogd/KvwbkTR84pPG6um4hIbcUKaMLO7HVOhnOcA~",
"token_type":"bearer",
"expires_in":120,
"refresh_token":"eHwAIC9STVVKIDBDSNi3/yaCafvY5caU6iQPDYZNk9sSNtE55zlXdpfeJfdkPjTLEQ9ovPbM705DkdNkiOD9NJYEa5CJTP7snqYV0Eijq8NHUFg39gf8ceVDfxGBAAWpDpCeS9NeYEM4nyoHT6QxgZQIzD4f5fAr@yOsyHTu5A@10HwNO8bIogd/KvwbkTR84pPG6jzW4Os8NPmfRab0lyXKrOdI4hVLNAUuXSkTO88@I1@Ro5DZYqf2fzrKIATu14znlw~~"
}
0
==============
  B) Issue the database clear request using a Browser tool like Poster (Firefox) or Advanced REST Client (Chrome)
    1) URL: https://myserver.novell.com:8180/IDMRPT-CORE/rpt/collectors/data
    2) Method/Action: DELETE
    3) Headers
      a) Name: Authorization
          Value: bearer %Token-value-from-above%
            1. For example: bearer eHwAIEb42ZjiO4qTQM1G1sRshoy3SfaiGnSl6RCEdAxkyGYwVplLjetsKo6ComvKgOpF8N@mHf9hv3VuSxEOjiDjQdeiUv@RiERfa8qiOoZxtF1w9gf8ceVDfxGBAAWpDpCeS9NeYEM4nyoHT6QxgZQIzD4f5fAr@yOsyHTu5A@10HwNO8bIogd/KvwbkTR84pPG6um4hIbcUKaMLO7HVOhnOcA~
      b) Name: TS-URL
          Value: https://myserver.novell.com:8180/IDMRPT-AUTH/auth/tokens
    4) Press the Execute / Send Request button
    5) You should receive back a status 200 OK
    6) In the server.log you will see a message similar to
    <date> <time> INFO  [com.novell.idm.rpt.core.server.logging.naudit.LogEvent] (http-0.0.0.0-8180-6) [RPT-CORE] [Data_Cleanup_Requested] Initiated by cn=uaadmin,ou=sa,o=data; Data Collector UUID ALL

IV. Wait until the table idm_rpt_data.idmrpt_identity has 0 records. This may take a few minutes.
    A) One way to check the table's contents is to issue the SQL request:
       SELECT count(*) FROM idm_rpt_data.idmrpt_identity;
       You should have 0 records left after cleanup. IF count equal to 0 continue to step V

V. Using the iManager plugin, remove all processed associations from the DCS driver
  A) Open a new browser and login to iManager
    1) For example: https://myserver.novell.com:8443/nps/iManager.html
  B) Go to Identity Manager Administration -> Driver Inspector
    1) In the "Driver to Inspect" field click the Magnifying glass icon.
    2) On the pop-up window, browse to the DCS driver and click on it. Click OK
    3) Click on the "Actions" menu, change the option to "Filter for 'Processed' associations"
    4) Select all associations and click "Delete". Repeat this step until there are no "Processed" associations left
    5) Click on the "Actions" menu, change the option to "Show all associations"

VI. Start DCS and MSGW Drivers
  A) Open a new browser and login to iManager
    1) For example: https://myserver.novell.com:8443/nps/iManager.html
  B) Go to Identity Manager Administration -> Identity Manager Overview
    1) With [root] in the "Search in" field press the blue arrow to start the search
      a) If you have a big tree change the value of the container to where your driver set is located to avoid long delays in this page
    2) On the Driver Sets tab select the driver set where the DCS and MSGW drivers are running
    3) On the Driver Set Overview Page -> Overview tab
      a) Right-click in the Red circle on the DCS driver and select Edit Properties
        1. On the Identity Manager Tab, select Driver Configuration
          (a) Scroll down to the Startup Options section
            (1) Select the radio button next to "Auto Start"
        2. Press the OK button
      b) Right-click in the Red circle on the DCS driver and select Start driver
      c) Repeat steps 3)a) and 3)b) for the MSGW Driver
  C) Logout of iManager
  D) Close the browser
 
VII. Enable Data Collection in the Reporting Module
  A) Open a new browser and login to the Reporting Module
    1) For Example: https://myserver.novell.com:8180/IDMRPT
  B) Select Identity Vaults from the left-hand navigation
    1) Under Data Collection Service Driver
      a) Make sure checkbox next to "Enable event collection" is checked. If not, select it.
    2) Under the Managed System Gateway Driver
      a) Press the start button in the Collection state
    3) Press the Save button
      a) You should receive the following message
        1. Your settings were saved successfully.
  C) Select Applications from the left-hand navigation
    1) If there are any Non-Managed Applications defined then they must be enabled
      a) Press the start button in the Application state section
      b) Repeat 1.a) as necessary
    2) Press the Save button
      a) You should receive the following message
        1. Your settings were saved successfully.
  D) Logout of the Reporting Module
  E) Close the browser
 
VIII. Perform Migrate from the Identity Vault in the DCS Driver
 
IX. Perform Data Collection

Feedback service temporarily unavailable. For content questions or problems, please contact Support.