Prerequisites for using the vApp with an external database in 14.4 version of Identity Suite
search cancel

Prerequisites for using the vApp with an external database in 14.4 version of Identity Suite

book

Article ID: 262383

calendar_today

Updated On:

Products

CA Identity Suite

Issue/Introduction

We are planning a migration to Virtual Appliance version 14.4 and would like to know the prerequisites to create the corresponding external databases.

Environment

Release : 14.4

Resolution

Articles:

https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/identity-suite/14-4/virtual-appliance/platform-support-matrix.html

https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/identity-manager/14-4/installing/installation-prerequisites/central-databases.html

https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/identity-portal/14-4/platform-support.html

https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/identity-governance/14-4/platform-support-matrix/server-environments.html

 

Additional Information

This is a copy of information provided in vApp console of 14.4 version of Identity Suite:

 

Prerequisites for using the vApp with an external database 
==========================================================

============
= Overview =
============
1) The DBA should create new users and passwords (also known as "schemas" when using Oracle database) for each of the products that you intend to deploy:
   * Identity Manager
   * Identity Governance
   * Identity Portal
2) The DBA should provide the above credentials to the IGA Virtual Appliance administrator - to be configured and verified in the External Database configuration screen.
3) During the Virtual Appliance solution deployment, the databases will be automatically populated with tables.

=====================================================================================================
========================================= Identity Portal ==========================================
=====================================================================================================
Oracle: 
-------
a. Create an Identity Portal database.
b. Create a user with CONNECT and RESOURCE privileges on the Identity Portal database.
c. Grant a quota to the tablespace of the Identity Portal database

MS SQL:
-------
a. Create an Identity Portal database.
b. Create a user with DBO privileges on the Identity Portal databsae.

=====================================================================================================
========================================= Identity Manager ==========================================
=====================================================================================================
Identity Manager uses 6 data sources:
1) Object Store 
2) Task Persistence 
3) Archive 
4) Auditing 
5) Snapshots (reporting) 
6) Workflow 
You may either create a single user/schema for all of the above data sources, or decide to split schemas according to sizing requirements (you may either split all data-sources, or some of them)

Oracle:
-------
a. Create an Identity Manager database.
b. Create a user with DBA privileges on the Identity Manager database.
c. The tables will be created automatically by Identity Manager upon first run
d. After the first run, you should revoke the DBA privilege and assign the following privileges instead:
   Create/alter/drop tables 
   Create/alter/drop view 
   Create/alter/drop INDEX 
   Create/replace/drop stored procedures 
   Create/replace/drop functions 
   Create/drop sequence 
   Create/replace/drop triggers 
   Create/replace/drop types 
   Insert/select/delete records 
   CREATE SESSION / connect to database

MS SQL:
-------
a. Create an Identity Manager database.
b. Create a user with DBO privileges on the Identity Manager database.

====================================================================================================
======================================= Identity Governance ========================================
====================================================================================================
MS SQL:
-------
a. Create a login user on the Identity Governance database server (you may create separate users for each of the below databases)
   The login user needs to have the following SQL server roles:
   db_owner
   Datareader
   Datawriter
   BulkAdmin
   DDLAdmin
   
b. Create the following databases (you may change the names as you see fit)
   EUREKIFY_SDB
   TICKET_DB
   REPORT_DB
   WPDS

Oracle: 
-------
a. Create the following users with CONNECT and RESOURCE privileges on the Identity Governance database (you may change the names as you see fit):
   EUREKIFY_SDB
   TICKET_DB
   REPORT_DB
   WPDS
b. Grant a quota to the tablespace of the Identity Governance database