The following section explains how to set up the identity repository for OpenIAM. OpenIAM supports the following relational databases as its primary repositories:
- Oracle
- Microsoft SQL Server
- MySQL
MySQL 5.x
The steps below describe how to set up an identity repository for OpenIAM on MySQL 5.x. This guide assumes that the MySQL database server has been successfully installed. If it has not, please refer to www.mysql.com for the latest installation instructions. These instructions vary from platform to platform and are beyond the scope of this guide.
In addition to the database server, it is helpful to install its GUI administration and query tools. These are available at www.mysql.com. These tools will allow you to connect to the MySQL server and run the necessary database scripts to create the IDM repository.
Create a Database Schema
While the schema can be created using MySQL command line tools, the following steps assume that you will be using tools such as the MySQL Administrator and MySQL Query Browser.
- Login to the MySQL Administrator
- Click on the [Catalogs] node in the tree panel.
- Right click and select [Create New Schema]
- Provide a name for the new schema, such as openiam, and click on [Save]
The mysql_idm_dbcreate.sql script can be used to create the above schemas. It may be executed through either the GUI tools or the command line mysql tools that are provided with the database engine.
Create a Database User
The identity repository will need a user account that can be used by the IAM application to connect to the repository. To create a user, follow the steps below.
- Launch the MySQL Administrator
- Log in to the database using the dialog below. You will need to replace the values below with those that are specific to your environment.
- After a successful login, you will see the screen below.
- Select the [User Administration] icon, which allows you to manage the user accounts in the database
- Click on the [New User] button at the bottom of the screen.
- Create a new user account that will be used by the IDM system. For example:
- MySql User: idmuser
- Password: idmuser
- Click on [Apply Changes] when you are done.
Once a user account has been created, we need to assign privileges to the account. This can be done using the steps below:
• Click on the idmuser entry under the User Accounts panel.
• Next click on the [Schema Privileges] tab as shown in the image below.
• Select the schema that you created above [openiam]
• From the [Available Privileges], select the following privileges and move them over to the [Assigned Privileges] column.

Repeat the steps above to grant rights to idmuser for the bpmcore and the bpmhistory schemas.
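The schema, user and privilege steps above can also be done from the mysql command line client. The script below is an added example, not part of the OpenIAM distribution. The 'localhost' host part, the placeholder password and the privilege list are assumptions, since this page does not list the privileges to assign.

```sql
-- Added example: command-line equivalent of the GUI steps in this guide.
-- Run it with a MySQL administrative account, for example:
--   mysql -u root -p < create_idm_user.sql   (file name is hypothetical)

-- Schema name as used in this guide.
CREATE DATABASE IF NOT EXISTS openiam;

-- Application account. The host part 'localhost' is an assumption (OpenIAM
-- running on the database host); the password is a placeholder to be
-- replaced with a generated secret.
CREATE USER 'idmuser'@'localhost' IDENTIFIED BY 'REPLACE_WITH_GENERATED_PASSWORD';

-- Grants are scoped to the named schemas, never ON *.*.
-- ASSUMPTION: this page does not list the privileges to assign, so a
-- data-manipulation set is used here. Adjust it to what your OpenIAM
-- release requires.
GRANT SELECT, INSERT, UPDATE, DELETE ON openiam.*    TO 'idmuser'@'localhost';
GRANT SELECT, INSERT, UPDATE, DELETE ON bpmcore.*    TO 'idmuser'@'localhost';
GRANT SELECT, INSERT, UPDATE, DELETE ON bpmhistory.* TO 'idmuser'@'localhost';

-- Check 1: human-readable summary of everything the account holds.
SHOW GRANTS FOR 'idmuser'@'localhost';

-- Check 2: schema-level privileges. Only openiam, bpmcore and bpmhistory
-- should appear, and is_grantable should be NO on every row.
SELECT table_schema, privilege_type, is_grantable
FROM information_schema.schema_privileges
WHERE grantee = '''idmuser''@''localhost'''
ORDER BY table_schema, privilege_type;

-- Check 3: global privileges. The only row should be USAGE, which means
-- the account has no server-wide rights.
SELECT privilege_type
FROM information_schema.user_privileges
WHERE grantee = '''idmuser''@''localhost''';
```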
Run DB Scripts
You will need to launch the MySQL Query Browser and log in. Logging into the Query Browser is similar to what you did above with the administrator utility.
- From the [File] menu, select [New Script Tab].
- Click on the [Load] icon in the toolbar and open mysql_schema_common.sql found in the schema directory. Next click on the [Execute] icon to run the script.
- Repeat the above step for:
- mysql_schema_security.sql
- mysql_idm_data.sql - Used to load initial data
3 Comments
May 05, 2009
Binumon
How do I get the database scripts like mysql_schema_common.sql, mysql_schema_security.sql and mysql_schema_security.sql to deploy and experience the OpenIAM demo (community edition)? In this DB Script it is not specified, and the community edition bundle is not there...
Regards
May 11, 2010
Nik Tetteh-Lartey
We seem to be missing the image showing exactly which [Assigned Privileges] we select. By default I just selected all.
May 11, 2010
Suneet Shah
Thanks Nik. The image has been added.