IBM 4.6 manual IBM Tivoli Identity Manager adapters, Microsoft Active Directory

Page 13

4 IBM Tivoli Identity Manager adapters

It is sometimes necessary to tune the IBM Tivoli Identity Manager adapters when doing large provisioning changes or reconciliations. This section should supplement, not supersede, the documentation included with the adapter.

4.1Microsoft Active Directory

The Microsoft Active Directory adapter returns attributes to IBM Tivoli Identity Manager that are not directly retrieved from Active Directory, but rather calculated from other Windows sources. Querying these external sources can slow down Active Directory reconciliations and can be disabled if these attributes are not needed.

The Home Directory Security and Mailbox Permissions are two such attributes. Retrieving this information requires looking up the appropriate access control entry, which is a costly operation. Setting ReconHomeDirSecurity and ReconMailboxPermissions to FALSE in the adapter registry will disable this overhead.

Working with Windows Terminal Services (WTS) attributes can slow down provisioning and reconciliation as well. There are two adapter registry keys that control access to these attributes:

WtsEnabled – This key controls the adapters’ access to WTS attributes. If this key is enabled (set to TRUE) the adapter will have access to provision and reconcile WTS attributes. If this key is disabled (set to FALSE) the adapter will not provision WTS attributes if requested, nor will it return them during reconciliation. The default value for this key is FALSE.

WtsDisableSearch – This key controls whether the adapter will return WTS attributes during a reconciliation (a “search” from the adapter’s perspective). If this key is enabled (set to TRUE), WTS attributes will not be returned in a reconciliation but the attributes will still be updated in account provisions. If this key is disabled (set to FALSE), WTS attributes will be returned in a reconciliation. This key only applies if the WtsEnabled key is set to TRUE. The default value for this key is TRUE.

IBM Tivoli Identity Manager Performance Tuning Guide

Page 11

Page 12 Page 14
Image 13
Page 12 Page 14
Contents Issue Date Trademarks Copyright NoticeTable of contents Who should use this guide About this guideInitial tunings Vital tuningsIntroduction Resource allocation2 CPU MemoryDisk space IBM WebSphere Application Server Workload management WLM timeoutJava virtual machine JVM size Transaction timeout Message driven bean MDB request timeoutSelect Container Services Select ORB Service Change WLM timeout to wlmtimeoutSetting the values Recycle bin IBM Tivoli Identity Manager applicationReconciliations ThreadsLimiting the attributes evaluated Limiting attributes returned from the adapterMaximum duration Select ReconciliationSet the Max Duration to maxduration Microsoft Active Directory IBM Tivoli Identity Manager adaptersAPARs Idle thread timeoutBuffer pools Determining the values JCL location DescriptionActive log duplexing Locks per user limitReorg and Runstats Additional Zparms Default value Recommended valueCache sizes IBM Ldap ServerMax connections Row locking on Searchts Changelog limitsIndexing RunstatsBest practices Regular maintenance Other resources

4.6 specifications

IBM 4.6, known for its robust and versatile capabilities, represents a significant evolution in the realm of enterprise software solutions. This version is primarily associated with IBM's middleware offerings, notably IBM WebSphere Application Server. It is engineered to support the development, deployment, and management of web applications with a focus on scalability, reliability, and security.

One of the standout features of IBM 4.6 is its enhanced performance optimizations. The platform employs advanced caching strategies and efficient resource management to improve application response times and throughput. This means that businesses can handle heavier loads with fewer resources, making it an economical choice for enterprises of all sizes.

Another notable characteristic is its support for a wide range of programming models and standards, including Java EE. This allows developers to build applications using familiar tools and frameworks, accelerating development timelines and improving productivity. Additionally, IBM 4.6 offers robust integration capabilities with existing enterprise systems through its support for web services and messaging protocols.

IBM 4.6 also emphasizes security. It includes features such as role-based access control, data encryption, and comprehensive auditing capabilities. These measures help organizations safeguard sensitive information and comply with various regulatory requirements.

The compatibility with multiple platforms, including cloud environments, is another significant advantage. IBM 4.6 simplifies deployment across diverse infrastructures, enabling businesses to operate in hybrid environments seamlessly. This flexibility is particularly beneficial as organizations increasingly adopt cloud migration strategies.

Furthermore, IBM 4.6 is equipped with a range of monitoring and management tools. These tools provide insights into application performance and health, allowing IT teams to proactively identify and address potential issues before they impact users. This capability is critical in maintaining high availability and reliability of services.

In summary, IBM 4.6 stands out as a comprehensive solution for enterprise application development and management. Its key features, such as enhanced performance, support for industry standards, strong security measures, platform compatibility, and monitoring tools, make it a compelling choice for organizations seeking to modernize their IT infrastructure. Implementing IBM 4.6 can empower businesses to innovate faster while ensuring their applications remain secure and efficient in a rapidly evolving digital landscape.
Top Page Image Contents