cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

System copy of SAP IdM system

Go to solution
Former Member

on ‎04-27-2012 7:47 AM

0 Kudos

Hello All,

We have implemented SAP IdM 7.1 in your landscape. The UI is set on SAP netweaver 7.0 EHP1 portal and the identity center database is a standalone Oracle 11g.

Now we want to copy our Quality IdM to our new Dev environment ( So that Dev has the exact data of Quality)

In normal cicumstances, we would take an export of the sap system and import the data in the target system.

But I do not know what procedure needs to be followed for IdM.

Here are my doubts:

1) How to get the same data of my QA to Dev environment? will normal DB backup and restore work? or other files needs to be copied as well?

2) Do I have to copy both the UI portal DB and the identity center DB or just identity center DB will do.

3) In the operation guide, they mention Application copy and refer to SAP NetWeaver Identity Management Identity Center Implementation Guide Staging environment. Can you let me know where can I find this guide or what application copy is.

Regards,

Sonia

Message was edited by: Sonia Amin

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

martina_gutmann2
Explorer
‎04-27-2012 11:22 AM
0 Kudos

Dear Sonja,

in my opinion a backup and restore should work also for the IDM-Database.

But you have to configure the new database connection at several places.

1) SAP Netweaver Java - Visual Admin - JDBC-Connection

2) Dispatcher JDBC-Connection (Prop-File)

3) Virtual Directory server - Database connection in your xml-Configuration-Files (if you use VDS)

4) Identity Center

I did a hardware change for my IDM-systems during the last weeks.

In my case the SAP Netweaver and the IDM-Database were installed on one server (with one Oracle-Intallation) and I separated the installation, so that they are now running on different servers.

First step:

I exported SAP Netweaver  with the SAP-Inst Export functionality and installed the SAP Netweaver with this export on a new server. In my case the SAP Netweaver Java is only used for the User Interface (Role Exports/Imports) and stores only configuration data (no important transaction data/variable data). There is a JDBC-Connection in the Visual Admin to the IDM-Database that has to be configured if the IDM-Database is running on a new server or with a new SID.

Second step:

I exported the IDM-Database with Oracle "exp" for each user (mxmc_oper, mxmc_rt and so on)

and imported that to my target Database.

Best regards

Martina

Show replies
Show replies
Former Member
‎04-27-2012 1:03 PM
0 Kudos

Dear Martina,

Thanks for the reply. 

The understood the first step completely. In second step what tool did you use to do the oracle exp? Brtools or RMAN?

Regards,

Sonia

martina_gutmann2
Explorer
‎04-27-2012 1:10 PM
0 Kudos

Hello,

I did it with the Export/Import-Functions of Oracle called "exp" and "imp".

With this function you can transfer tables or complete user schemes. In my case I transfered the data from Oracle 10 to Oracle 11.

But you can use your tools e.g. RMAN to transfer the datafiles and the controlfiles to your target database. This should work too.

Regards,

Martina

Former Member
‎05-04-2012 7:41 AM
0 Kudos

Hi Martina,

I had another query. When you used "exp" utility, did you use user mode.

Regards,

Sonia

martina_gutmann2
Explorer
‎05-04-2012 1:50 PM
0 Kudos

Hi,

I did the export (Linux, Oracle 10), import to Oracle 11 as follows for every user (mxmc_*)

               1) I created parameter file for each user e.g. "exp_oper.par"

userid=mxmc_oper/password        (Password has to be changed)

file=mxmc_oper.dmp                         (Name of the Export-File)

log=mxmc_oper.log                           (Log-File)

buffer=1000000000

owner=mxmc_oper

consistent=yes 

statistics=none

2) I started the export:     > exp parfile=exp_oper.par 

3) Before the import, I first created all roles and grants

     (e.g .  create role MXMC_ADMIN_ROLE,  create role MXMC_USER_ROLE, create role

                MXMC_RT_ROLE,  create role MXMC_PROV_ROLE, grant MXMC_RT_ROLE to MXMC_RT

         ...    here I took the commands from the IDM-Script for installing the IDM-Database)

                4)  Then I created the Import-Parameterfiles (for every user mxmc_*):

            userid=mxmc_oper@connectstring

   file=mxmc_oper.dmp

            log=mxmc_oper_imp.log

            buffer=1000000000

                        full=y

                

 

                 5) Then I startet the Import for every user:  > imp parfile=imp_oper.par

                        (First mxmc_oper, then mxmc_rt.....)

                 6) Then I set the new DB-connection in my identity center and created the

                     JDBC-Connection string (Dispatcher-Scripts) for my Dispatcher and so on...

Regards,

Martina

Former Member
‎05-05-2012 7:21 AM
0 Kudos

Thanks a lot Martina. I am going ahead with the copy.

Regards,

Sonia

martina_gutmann2
Explorer
‎05-09-2012 6:55 AM
0 Kudos

Dear Sonja,

I got the information from SAP that in October 2012 a procedure for the system copy  (homogeneous) will be available . But I think you won't wait .....

Kindest regards

Martina

Former Member
‎05-09-2012 7:19 AM
0 Kudos

Hi Martina,

Thanks for the update. I performed the exp of the IdM db last weekend. Yet to import it though...Here I had a question. To import the schema of any user,say MXMC_PROV, does the user (MXMC_PROV) need to be present in my new IdM Db? Do i need to run the script for creating these users before I can import the data.

Regards,

Sonia

Regards,

Sonia

martina_gutmann2
Explorer
‎05-09-2012 7:38 AM
0 Kudos

Hi,

yes. Sorry, I forgot to mention this steps. All users have to be available in the target database.

I think you can use the '2-create-users.sql' Script.

mxmc_user and mxmc_rt need to have the authorization to create tables.

All others need the authorization to create synonyms...

I did the transfer with IDM 7.2... I am not sure if there is a difference to 7.1.

Kind regards

Martina

martina_gutmann2
Explorer
‎05-09-2012 7:47 AM
0 Kudos

One more issue:

With the import I startet with the mxmc_oper (posseses tables) and the mxmc_rt (also possesses tables)

and then proceeded with the other users...

Former Member
‎05-09-2012 8:14 AM
0 Kudos

Thanks Martina for quick response. I will keep in mind these points while performing the import.

Thanks again for all the support.

Answers (1)

Answers (1)

Former Member
‎04-30-2012 9:15 PM
0 Kudos

Hi Sonia,

I'm not sure I agree with this as when you copy back your system, your data will also move, meaning you have a DEV IdM system full of QAS privilege, users and roles. We perform a system copy by installing IdM cleanly in DEV and then exporting the identity centre from QAS and importing it to DEV. Finally then we reload the data from the connected DEV systems. This means your config is the same in DEV as in QAS, but the data is correct for that tier of the landscape too.

Hope that is helpful,

Ian

Show replies
Show replies
former_member2987
Active Contributor
‎05-01-2012 4:11 PM
0 Kudos

Ian is correct.  Moreover, if you are using 7.2 I believe there is now a transport mechanism that you can use which insures the integrity of the repositories and roles as they move from system to system.  I believe that there is a tutorial document about this.

Matt

Former Member
‎05-02-2012 6:31 AM
0 Kudos

Hello Ian,

Thanks for the valuable info. Let me explain to you what the scenario is. We have a DEV system and a QAS system already in place. Now, the need is to update the DEV system with QAS data, in other words, QAS and DEV need to have the same data. Now do you suggest:

1) Scrapping DEV system altogether and installing fresh IdM and then exporting the identity centre from QAS and importing it to DEV

2) Just exporting the identity centre from QAS and importing it to DEV, so that the identity center data is overwritten.

Regards,

Sonia

former_member2987
Active Contributor
‎05-04-2012 2:35 PM
0 Kudos

Sonia,

That is a very good question.  Not sure how to answer that from an Oracle perspective, however if this were a SQL Server I would simply backup the database, restore it to the new server, install the same version of IDM and then set up the connection strings, dispatchers, event agents, etc.  You would have then created a "downgraded" QA system to the DEV environments.

Matt

Ask a Question