Data import and export

IBM® Security Identity Manager imports and exports data while maintaining data integrity.

Overview

Many enterprise applications, including Security Identity Manager, are often deployed in stages. New policies and business logic can be developed and tested in a test environment and then migrated to a production environment.

The import and export tasks are useful to migrate Security Identity Manager data items and dependent objects from a test environment to a production environment while maintaining data integrity.

You can use the import and export tasks to import previously exported objects from a Java™ archive (JAR) file. Importing of supported object types is limited to Security Identity Manager exported objects only.

There is a limitation on Java HTTPServletResponse for file downloads in displaying double-byte character file names. When naming your export JAR file, do try to use a conventional ASCII file name.

Data migration

Migrating data across Security Identity Manager servers consists of searching for and exporting configured objects from a source server. The migration imports the objects into a target server.

Data migration automates the extraction of commonly configured object types and their dependencies. Data migration is a mechanism to move working or staged configurations from a test environment to a production environment. The mechanism guarantees that the data is imported without loss of integrity. This information is for administrators who want to take advantage of the data migration feature in Security Identity Manager through the import and export tasks.

Exports

There are two types of exports: partial and full. Both types of exports produce a single downloadable JAR file. The file contains an XML file of serialized objects that is added to a list of completed exports.

Imports

Imports are initialized by an administrator on a target server after extracting objects (after generating an export JAR file) from a source server. Imports consist of these stages:
  • JAR file upload
  • Difference evaluation
  • Conflict resolution
  • Data commitment to the system

Policy enforcement

Importing provisioning policies and dynamic organizational roles might result in associating different people with new roles. Imported policies that have changes that require re-evaluation might result in the following policy enforcement tasks:
  • Evaluating dynamic role changes and updating role memberships
  • Finding provisioning policies associated with host selection policies
  • Combining role memberships and provisioning policies with polices that are being imported
  • Enforcing policies on all affected users through a new workflow process

Organizational charts

If there are differences in the organizational chart between the test (source) and target (production) systems, then the imported objects are treated as new objects.

To prevent the creation of duplicate objects when those objects exist in the production system, ensure that the organizational charts match in each system.