The following section explains how to set up the identity repository for OpenIAM. OpenIAM supports the following relational databases as its primary repositories:
- Oracle
- Microsoft SQL Server
- MySQL
MySQL 5.x
The steps below describe how to set up an identity repository for OpenIAM on MySQL 5.x. This guide assumes that the MySQL database server has been successfully installed. If it has not, please refer to www.mysql.com for the latest instructions on how to do this. These instructions vary from platform to platform and are beyond the scope of this guide.
In addition to the database server, it is also helpful to install its GUI administration and query tools. These are also available at www.mysql.com. These tools will allow you to connect to the MySQL server and run the necessary database scripts to create the IDM repository.
Create a Database Schema
While the schema can be created using MySQL command line tools, the following steps assume that you will be using tools such as the MySQL Administrator and MySQL Query Browser.
- Log in to the MySQL Administrator
- Click on the [Catalogs] node in the tree panel.
- Right-click and select [Create New Schema]
- Provide a name for the new schema, such as openiam, and click on [Save]
Create a Database User
The identity repository will need a user account that can be used by the IAM application to connect to the repository. To create a user, follow the steps below.
- Launch the MySQL Administrator
- Log in to the database using the dialog below. You will need to replace the values below with those that are specific to your environment.
- After a successful login, you will see the screen below.
- Select the [User Administration] icon, which allows you to manage the user accounts in the database
- Click on the [New User] button at the bottom of the screen.
- Create a new user account that will be used by the IDM system. For example:
- MySql User: idmuser
- Password: idmuser
- Click on [Apply Changes] when you are done.
Once a user account has been created, we need to assign privileges to the account. This can be done using the steps below:
- Click on the idmuser entry under the User Accounts panel.
- Next click on the [Schema Privileges] tab as shown in the image below.
- Select the schema that you created above [openiam]
- From the [Available Privileges], select the following privileges and move them over to the [Assigned Privileges] column.
Run DB Scripts
You will need to launch the MySQL Query Browser and log in. Logging into the Query Browser is similar to what you did above with the administrator utility.
- From the [File] menu, select [New Script Tab].
- Click on the [Load] icon in the toolbar and open mysql_schema_common found in the schema directory. Next, click on the [Execute] icon to run the script.
- Repeat the above step for:
- mysql_schema_security.sql
- openiam-schema-xacml
- mysql_am_data.sql
- mysql_am_ee_data.sql
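
The same setup from the mysql command-line client, as an added example that is not part of the original guide or of OpenIAM's own scripts. The 'localhost' host, the placeholder password (used in place of the guide's sample value), the privilege list (the guide's list does not appear on this page) and the relative schema/ path are assumptions.

```sql
-- Added example: run in the mysql command-line client while connected
-- as a MySQL administrative account, not as idmuser.

-- 1. Create the schema (name taken from the guide).
CREATE DATABASE IF NOT EXISTS openiam;

-- 2. Create the application account.
--    'localhost' is an assumption: use the host the IAM application
--    connects from instead of the '%' wildcard.
--    The password below is a placeholder, not a usable value.
CREATE USER 'idmuser'@'localhost'
    IDENTIFIED BY '<REPLACE_WITH_STRONG_PASSWORD>';

-- 3. Grant privileges on the openiam schema only (openiam.*), never
--    globally (*.*). The privilege list is an assumption; substitute
--    the set your OpenIAM installation documents.
GRANT SELECT, INSERT, UPDATE, DELETE
    ON openiam.* TO 'idmuser'@'localhost';

-- 4. Load the scripts in the order the guide gives, as the administrative
--    account, so idmuser never needs CREATE, ALTER or DROP.
--    File names are written exactly as the guide lists them; the schema/
--    path is assumed to be relative to where the client was started.
USE openiam;
SOURCE schema/mysql_schema_common
SOURCE schema/mysql_schema_security.sql
SOURCE schema/openiam-schema-xacml
SOURCE schema/mysql_am_data.sql
SOURCE schema/mysql_am_ee_data.sql

-- 5. Review what the account can do. Confirm that nothing other than
--    USAGE is granted ON *.* and that no grant carries WITH GRANT OPTION.
SHOW GRANTS FOR 'idmuser'@'localhost';

-- 6. List accounts that accept connections from any host or have no
--    user name, which widen access to the repository.
SELECT user, host FROM mysql.user WHERE host = '%' OR user = '';
```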