Creating and Configuring the Operational Database From the Command Line - Identity and Access Management Services - 3.2 - 3.2 - Other - external

Identity and Access Management Services

Platform
Other
Product
Identity and Access Management Services
Release
3.2
License

After completing the base configuration for the Hyland IdP server you must create and configure the operational database.

The Hyland IdP server uses a specific database schema to store operational runtime data. The database for this operational data can be a Microsoft SQL or Oracle database. The schema for the operational data can be created either in a new database or it can be added to an existing database. In OnBase environments, the OnBase database can be used to store the operational data.

Note:

It is assumed that you have already completed the base configuration for the Hyland IdP server. If you have not yet completed the base configuration, first complete the instructions under Setting Up the Hyland IdP Server From the Command Line.

To create and configure the operational database:

  1. Create a valid ADO.NET connection string for the operational database with the following elements. If the database does not exist, it is created during initialization.
    Tip:

    ADO.NET connection strings are a method of connecting applications to databases. Complete details on connection strings and how to create them are available from Microsoft.

    Variable name

    Value

    Data Source

    One of the following:

    • the SQL instance to create the database under

    • the CONNECT_DATA parameter for the Oracle database

    For SQL, the SQL instance must already exist.

    For Oracle, the Oracle database must already exist.

    Tip:

    In OnBase environments it is recommended to use the OnBase database for the operational database.

    database

    For SQL databases, the name of the database to use. If the database does not exist, it is created by the utility.

    For Oracle databases, this variable is not used because the database is specified in the CONNECT_DATA information used as the Data Source value. For Oracle, the Oracle database must already exist.

    Tip:

    In OnBase environments it is recommended to use the OnBase database for the operational database.

    User Id

    The user account to log in to the database with.

    Note:

    The user account must already exist for the database. It is not created by the utility.

    The database schema created for the operational data is named hsiidp.

    For SQL Server databases

    The database user account must have sufficient rights to create the hsiidp schema in an existing database. If the database does not exist, the user also needs rights sufficient to create a database in the SQL Server instance. The user needs sufficient rights to select, update, insert, delete, and view the definition of tables in the hsiidp schema that is created.

    For Oracle databases

    The database being used for operational data must already exist; it is not created by the utility for Oracle databases. You must also make sure a user named hsiidp is created before initializing the operational database, and that the hsiidp user is the User Id used to initialize the operational database. The hsiidp user needs sufficient rights to query the data dictionary, create sessions, create tables, and insert data into the default tablespace.

    Note:

    Complete documentation on configuring users for SQL and Oracle databases is available from the vendors of those products.

    Password

    The password that corresponds to the User Id account specified.

    For Oracle connections, this is the password for the hsiidp user.

    direct

    For Oracle databases, set to true if the Hyland IdP service should connect directly to the Oracle database server instead of relying on a locally installed Oracle client.

    Note:

    Only TCP connections are supported in direct mode.

    You do not need to include this variable for SQL databases.

    An example SQL connection string may look like this:

    Data Source=PROD-MACHINE\SQLInstance;database=MyDatabase; User Id=UserName;Password=UserPassword;

    An example Oracle connection string may look like this:

    Data Source=(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=PROD-MACHINE)(PORT=1521))(CONNECT_DATA=(SERVICE_NAME=MyDatabase)));User Id=hsiidp;Password=UserPassword;direct=true;

  2. Type the create-operational-database command, but do not run it yet:
    dotnet Hyland.Identity.Server.Initialization.dll create-operational-database
  3. Append the following switches and their values to the create-operational-database command. Be sure to enclose the values in double quotation marks.

    Switch

    Value

    --connectionstring

    The valid ADO.NET connection string you created for the operational database. If the database does not exist, it is created when the create-operational-database command is executed.

    --providertype

    The provider type of the database.

    Enter SqlServer for a SQL database, or Oracle for an Oracle database.

    Note:

    The values are case sensitive.

    --appsettings

    The full file path of the appsettings.json file. In a default installation, this file is located at:

    C:\Program Files\Hyland\identityprovider\config\appsettings.json

    For example, a completed create-operational-database command for a SQL database may look like this:

    dotnet Hyland.Identity.Server.Initialization.dll create-operational-database --connectionstring "Data Source=PROD-MACHINE\SQLInstance;database=MyDatabase;User Id=UserName;Password=UserPassword;" --providertype "SqlServer" --appsettings "C:\Program Files\Hyland\identityprovider\config\appsettings.json"                        
                        
  4. Press the Enter key to run the create-operational-database command.
    If any errors are reported, they must be corrected and the command run again. The command returns success messages if no errors are encountered.
  5. Close the command-prompt window.
  6. Recycle the application pool of the Hyland IdP server for the changes to take effect.
    Note:

    After initializing the Hyland IdP server, Perceptive environments must complete the instructions under Configuring the Hyland IdP Server for Use With Perceptive. OnBase environments do not need to complete those instructions.