Version: On prem: 15.0.1

Engine configuration

Some basic configurations are set in the EngineConfiguration.Config file, which in a default installation is located in C:\Program Files\Omada Identity Suite\Role and Policy Engine\Service\ConfigFiles:

<executor batchSize="1000" 
loggingLevel="3"
queueModifiedEachCycle="true"
queueAllPeriodically="false"
queuePeriodicallyAt="4"
queuePeriodicallyWeekDays="Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday"
requeueFailures="true"
deleteHistoricalCalculationsOlderThanDays="10"
deleteQueueItemsAndCycleRunsOlderThanDays="10"
extendValidityPeriods="true"
skipQueuingUnresolved="false"
runAssignmentsIntegrityCheck="false"
updateResourcesAndAssignmentsForMIM="false"
queuePriorityMinimum="0"
queuePriorityMaximum="3"
calculateUnresolved="true"
unlockQueueItemsOlderThan="00:30:00">
<extensions>

You also use this file to configure standard and custom extensions. The settings you can change are:

Name | Description
accountNamePattern
  • It can be used to state an alternative regular expression for validating account names. If accountNamePattern is not specified then the default is used, which is: ^([^\[\]|\?\*\+\(\);:=<>\n\r\t])*$
  • The default allows all characters except the following: ^ [ ] | ? * + ( ) ; : = < > CR TAB
  • Account name validation is not performed on accounts originating from the Data Warehouse.
  • Authoring the accountNamePattern regular expression is a non-trivial task. Exercise caution, as an incorrectly created expression may cause RoPE to fail.
  • Remember that you need to correctly encode the created regular expression to be valid XML. For example: < and > need to be encoded as &lt; and &gt;.
allowedRemoteIPMask
  • This setting is used to protect the RemoteAPI service. It contains a mask of allowed remote IP addresses. By default, only the local host is allowed to use the service. If RoPE is running on a different machine from the Enterprise Server, the address of the Enterprise Server must be added to the mask.
batchSize
  • Specify the maximum number of identities in a batch. If no value is specified, the default is 100.
calculateUnresolved
  • If this setting is set to true, this RoPE instance will calculate the unresolved identity. The default value is true.
  • For automatic queuing of the unresolved identity, the setting skipQueuingUnresolved must be set to false.
  • The unresolved identity is always queued with low priority and is always calculated in its own batch.
deleteHistoricalCalculationsOlderThanDays
  • This setting specifies the number of days to keep historical calculations in RoPE. When an identity is calculated successfully, any calculation results that are older than the specified number of days are deleted. When an identity has no new calculations for some time, the historical calculations for that identity remain in the tblIdentityCalculation table.
  • Historical calculations can take up a lot of space in the RoPE DB. In large deployments, it is therefore recommended to keep the value as low as possible.
  • Historical calculations are used to provide the MIM synchronization engine with delta information. It is therefore important that the number is not set lower than the frequency of the MIM imports.
  • The default is 10 days. Historical calculations are never deleted if the value is zero.
  • For performance reasons, this setting does not apply to the unresolved identity.
deleteQueueItemsAndCycleRunsOlderThanDays
  • With this setting you can delete old CalculationQueue and CycleRun records older than the specified number of days.
  • The default value is 10 days.
extendValidityPeriods
  • This setting specifies how RoPE handles validity periods.
  • If set to true, ValidFrom and ValidTo of identities and resource assignments are adjusted so that ValidFrom is at 00:00 and ValidTo is at 23:59 in the identity’s local time zone.
  • Important: The ValidFrom and ValidTo properties should be configured so that they have no time part. If they do have a time part (not recommended), set this setting to false so that no adjustment is performed.
loggingLevel
  • Controls how verbose the logging is. Specify a value between 1 and 5, where 1 is the most verbose level.
  • Message importance must be greater than or equal to this value to be logged in the Cycle log run in the database and in the Windows Event Viewer.
  • In a production environment, it is recommended to use logging level 3.
queueModifiedEachCycle
  • This setting controls if each processing cycle should begin with queuing identities which have been affected by changes to master data since the last cycle.
  • This is set to true by default.
queueAllPeriodically
  • This setting controls if RoPE adds all identities to the queue periodically. The timing of the queuing is controlled by queuePeriodicallyAt and queuePeriodicallyWeekDays.
queuePeriodicallyAt
  • This setting specifies at which hour of the day identities are added to the queue. If, for example, the value is “4”, every hour RoPE will find the identities that are in a time zone where the local time is in the interval 3:00:00 am to 3:59:59 am. Afterwards, all identities in those time zones are queued.
  • This setting is only considered if queueAllPeriodically is true.
queuePeriodicallyWeekDays
  • This setting specifies on which days of the week the periodical queuing of identities takes place. For example, Monday,Tuesday,Wednesday,Thursday,Friday.
  • This setting is only considered if queueAllPeriodically is true.
queuePriorityMinimum
  • If this setting is defined, only items with the defined priority or higher will be processed by this RoPE instance. See section Distribute the workload across RoPE instances of Queuing.
  • By default, no minimum priority is used.
  • Make sure that the configurations of all RoPE instances together cover all priorities.
queuePriorityMaximum
  • If this setting is defined, only items with the defined priority or lower will be processed by this RoPE instance. See section Distribute the workload across RoPE instances of Queuing.
  • By default, no maximum priority is used.
  • Make sure that the configurations of all RoPE instances together cover all priorities.
requeueFailures
  • This setting controls if identities whose latest calculation failed are added to the queue.
  • This setting is only considered if queueAllPeriodically is true.
skipQueuingUnresolved
  • Set this to true to skip queuing the unresolved identity due to master data changes or due to periodic queuing.
  • This can sometimes take a long time if there are many orphan accounts and assignments.
runAssignmentsIntegrityCheck
  • If this setting is set to true, RoPE will perform an additional data check after the calculation. It should be used when random SQL exceptions are occurring during database save or delete commands.
unlockQueueItemsOlderThan
  • This setting controls how old locked queue items should be before unlocking them.
  • It uses a TimeSpan, so as input you can specify minutes, hours, or days:
  • DefaultValue = "00:30:00"
  • MinValue = "0:10:00" (10 minutes)
  • MaxValue = "1.00:00:00" (1 day)
  • For more information, refer to the Standard TimeSpan format strings Microsoft documentation.
  • When unlocking queue items, RoPE also checks that the locking instance has not completed any calculations since that time. If it has, the items are not unlocked, as that instance may still be processing the batch.
  • If you want to keep the old behavior, that is, to unlock queue items after 24 hours, add the unlockQueueItemsOlderThan setting to the configuration and set it to the following: "1.00:00:00" (1 day).
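
A pre-deployment check for the settings described above, as an added example that is not Omada's code: it parses an <executor> element, enforces the documented loggingLevel and unlockQueueItemsOlderThan bounds, and catches an accountNamePattern that is not XML-encoded or does not compile. It assumes accountNamePattern is an attribute of <executor> and uses Python's re module as a stand-in for the regular expression engine RoPE uses; the function names and sample elements are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET
from datetime import timedelta

# Documented bounds for unlockQueueItemsOlderThan (MinValue / MaxValue above).
UNLOCK_MIN, UNLOCK_MAX = timedelta(minutes=10), timedelta(days=1)

def parse_timespan(text):
    """Parse the constant TimeSpan form [d.]hh:mm:ss used in the config."""
    m = re.fullmatch(r"(?:(\d+)\.)?(\d{1,2}):(\d{2}):(\d{2})", text.strip())
    if not m:
        raise ValueError(f"not a [d.]hh:mm:ss TimeSpan: {text!r}")
    d, h, mi, s = (int(g or 0) for g in m.groups())
    return timedelta(days=d, hours=h, minutes=mi, seconds=s)

def lint_executor(xml_text):
    """Return a list of findings for one <executor> element (empty = clean)."""
    try:
        ex = ET.fromstring(xml_text)
    except ET.ParseError as err:  # e.g. a raw '<' inside accountNamePattern
        return [f"not well-formed XML: {err}"]
    findings = []
    level = ex.get("loggingLevel")
    if level is not None and not (level.isdigit() and 1 <= int(level) <= 5):
        findings.append("loggingLevel must be between 1 and 5")
    unlock = parse_timespan(ex.get("unlockQueueItemsOlderThan", "00:30:00"))
    if not UNLOCK_MIN <= unlock <= UNLOCK_MAX:
        findings.append("unlockQueueItemsOlderThan outside 0:10:00 to 1.00:00:00")
    lo, hi = ex.get("queuePriorityMinimum"), ex.get("queuePriorityMaximum")
    if lo is not None and hi is not None and int(lo) > int(hi):
        findings.append("queuePriorityMinimum exceeds queuePriorityMaximum")
    pattern = ex.get("accountNamePattern")  # assumed to sit on <executor>
    if pattern is not None:
        try:
            re.compile(pattern)  # Python re as a stand-in for the RoPE engine
        except re.error as err:
            findings.append(f"accountNamePattern does not compile: {err}")
    return findings

# Constructed samples: correctly encoded pattern, raw '<', out-of-range values.
GOOD = ('<executor loggingLevel="3" queuePriorityMinimum="0" queuePriorityMaximum="3" '
        'unlockQueueItemsOlderThan="00:30:00" accountNamePattern="^[^&lt;&gt;;:=]*$"/>')
RAW_LT = '<executor loggingLevel="3" accountNamePattern="^[^<>;:=]*$"/>'
OUT_OF_RANGE = '<executor loggingLevel="7" unlockQueueItemsOlderThan="2.00:00:00"/>'

if __name__ == "__main__":
    for name, doc in [("good", GOOD), ("raw <", RAW_LT), ("range", OUT_OF_RANGE)]:
        print(name, lint_executor(doc))
```

The check does not verify that the queuePriorityMinimum and queuePriorityMaximum ranges of all RoPE instances together cover all priorities; that requires comparing the configuration files of every instance.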