RDBMS

Note

This feature requires Enterprise Edition.

You can synchronize user directories with RDBMS (Relational Database Management System). RDBMS is a database system based on a relational model.

Connecting and Testing

The types of databases that can be connected and tested are as follows:

Supported Synchronization Server Types Item Connection Test
Relational Database Oracle Database O
  MYSQL O
  MSSQL/Sybase O
  IBM DB2 O
  Tibero O
  Altibase O
  CUBRID O

Note

Please prioritize confirming normal communication between the Policy Server and the Synchronization Server and perform a connection test in advance.

Configuring Synchronization

  1. Go to Preferences in the top menu.

  2. In the left settings menu, go to User Authentication > Data Synchronization.

  3. Click Select Tasks > Create.

  4. In the main window, find the General menu.

  5. For ID, Enter name here

  6. For Update Interval, Select the specified time or periodic interval for synchronization.

  7. For Policy Apply, After synchronization, select Enabled to reflect the changes. If you have multiple sync settings, you can set it to Disabled and enable only the last sync.

  8. For Environment, Input is not required for basic synchronization tasks. However, it is used when defining variable values to be commonly referenced within a separate custom shell script executed for integration with external systems.

    Warning

    Configuration Caution: Incorrect environment variable declarations can lead to malfunctions in the integration script or system errors. Before configuration, please ensure that the variables are correctly processed within the script.

    Usage Scenario: Log Level Control Used when you want to control simple operation options such as Log Level or Retry Count during external script execution.

    export LOG_LEVEL='ERROR'

  9. For Query, Enter the SQL query to be executed immediately after information synchronization is complete. This is used when secondary processing is required based on specific conditions using the synchronized information.

    Warning

    Risk of Data Loss: This feature directly affects the database. In particular, the use of UPDATE or DELETE statements may result in irreversible data loss.

    Usage Scenario: Account Lock Processing based on Employment Status Used when you want to automatically disable the NAC account of resigned (or on-leave) employees according to the 'Employment Status' code after information synchronization.

    Prerequisites 1. Create a field to manage employment status (e.g., USER_CUSTOM08) in [Settings] > [Property Management] > [Custom Fields] > [User Custom Fields]. 2. Assign the user custom field created in step 1 to [Additional Info] under [User Information] in [Information Synchronization].

    Writing Example If the value of USER_CUSTOM08 is '001' (Resigned/On-leave, etc.), update USER_STATUS to '0' (Disabled).

    UPDATE USER
SET USER_STATUS = 0
WHERE USER_CUSTOM08 = '001';

  10. In the main window, find the Advanced > DB Type menu. Select the database type from which to read data and configure input information.

  11. In the main window, find and add necessary information in Advanced > User Information, Department Information, Job Title Information, Node Information, Device Information items. (Leave blank if using CSV).

  12. Click the Create button.

  13. In the Data Synchronization list, select the item you want to synchronize.

  14. Click Select Tasks > Synchronize Now.