Runtime database

Edit online

You can view and update the current runtime database settings with the Runtime Database tab on the Cluster Configuration management page.

Note: If Oracle is set as the external runtime database and either the local management interface or runtime server trace specification includes Oracle trace points (for example, oracle.*) the underlying Oracle JDBC JAR file is changed to a debugging JAR file. The debugging JAR file might adversely affect performance. Enable Oracle tracing only for debugging purposes and disable it after the debugging is complete.

Warning: Enabling trace for Oracle components “oracle.*” might result in the Oracle database administrator password being logged in clear text.

The runtime database contains runtime data that is used by the Advanced Access Control and Federation components.

Note: Legacy OIDC was deprecated in IBM® Verify Identity Access v10.0.0. If a Verify Identity Access installation before version 10.0.0 is upgraded to version 10.0.0 or later, use the RemoveOauthDBSchema.sql to remove the tables were used by legacy OIDC from the external HVDB. Go to System > Secure Settings > File Downloads > common > database > <db type> > runtime > RemoveOauthDBSchema.sql.

If Oracle is set as the external database, the user who owns the schema must be dropped. This step is not included in the script as it must be run with caution due to the possibility that the user can own other schemas as well.

Specify the following information for the external runtime database:

Type

The database type, which is either Db2, Oracle, PostgreSQL, or Microsoft SQL Server.

Address

The IP address or hostname of the external database server.

Port

The port on which the external database server is listening.

Username

The name of the database administrator.

Password

The password for the database administrator.

Db2

Secure: Select this checkbox to create a secure connection with the Db2® server.
Note: Before a secure connection can be established, you must first import the certificate for the environment to use for communication with the Db2 server. The certificate must be imported into the lmi_trust_store and rt_profile_keys key files. Use the SSL Certificates page to import the appropriate certificate.
Database name: The name of the database instance on the external Db2 server.
Enable High Available Disaster Recovery and Automatic Client Reroute: Select this checkbox to enable HADR and ACR.
Alternate Address: The IP address or hostname of the failover database server in the HADR configuration.
Alternate Port: The port on which the failover database server in the HADR configuration is listening.

Oracle

Secure: Select this checkbox to create a secure connection with the Oracle server.
Note: Before a secure connection can be established, you must first import the certificate for the environment to use for communication with the Oracle server. The certificate must be imported into the lmi_trust_store and rt_profile_keys key files. Use the SSL Certificates page to import the appropriate certificate.
Certificate Store: The name of the certificate store that contains the keys that are used when communicating with the external Oracle server.
Service name: The name of the service instance on the external Oracle server.

PostgreSQL

Secure

Select this checkbox to create a secure connection with the PostgreSQL server.

Note: Before a secure connection can be established, you must first import the certificate for the environment to use for communication with the PostgreSQL server. The certificate must be imported into the lmi_trust_store and rt_profile_keys key files. Use the SSL Certificates page to import the appropriate certificate.

Database name

The name of the database instance on the external PostgreSQL server.

Enable failover support

Select this checkbox to enable PostgreSQL failover support. After this box is checked, the failover server management section is enabled.

Failover servers

Manage the PostgreSQL failover servers in this section.

Add

Click the Add button to add a failover server. A new dialog opens.
Specify the new failover server address and port.
Click Submit to add the server.

Delete

Select the failover server in the grid.
Click the Delete button to remove the server from the list.

Move Up and Move Down

Select the failover server in the grid.
Click the Move Up or Move Down button to change the order of the server in the list.

MSSQL

Secure: Select this checkbox to create a secure connection with the MSSQL® server.
Note: Before a secure connection can be established, you must first import the certificate for the environment to use for communication with the MSSQL server. The certificate must be imported into the lmi_trust_store and rt_profile_keys key files. Use the SSL Certificates page to import the appropriate certificate.
Database name: The name of the database instance on the external MSSQL server.
Instance name: The database instance name to connect to. When it isn't specified, a connection is made to the default instance.
Trust the server certificate: Enable this field to indicate that the driver doesn't validate the server TLS/SSL certificate.
Failover partner: The name of the failover server used in a database mirroring configuration. This property is used for an initial connection failure to the principal server. After you make the initial connection, this property is ignored.