MIIS 2003 uses SQL Server 2000 as its data store. Each edition of MIIS 2003 is supported by specific editions of Microsoft® Windows Server™ 2003 and SQL Server 2000.
Windows Server 2003 and SQL Server 2000 Editions:
MIIS 2003 Requirements for SQL Server 2000
The following are MIIS 2003 requirements for SQL Server 2000:
1. SQL Server 2000 and MIIS 2003 can be installed on the same server or different servers, but they must be located in the same domain.
2. If you configure SQL Server 2000 to use a communications port other than the default SQL Server port 1433, you must use the SQL Server Client Network Utility on the computer on which you run MIIS 2003 to set the communications port to be used by SQL Server clients on that computer. You must do this even if MIIS 2003 is running on the same computer that SQL Server 2000 is running on.
Recommendations for Running SQL Server 2000 to Support MIIS 2003
• Do not attempt to manually modify data that is stored in the MIIS database. Modify the database only by using Identity Manager, which can determine if and what changes are necessary.
• Maintain your transaction log files for the MIIS database on a separate drive from the drive that contains the MIIS database.
• To ensure availability and provide redundancy in large-scale environments, use SQL Server clustering with MIIS 2003, Enterprise Edition.
• In addition to using the performance improvement methods described elsewhere in this document, use performance tuning to optimize SQL Server 2000 performance.
MicrosoftIdentityIntegrationServer Database in SQL Server 2000
When MIIS 2003 is installed, a SQL Server 2000 database that is named MicrosoftIdentityIntegrationServer is created within SQL Server 2000. The MicrosoftIdentityIntegrationServer database contains all the metadirectory data used by MIIS 2003, including the following:
• Metaverse data
• Management agent data
• Connector space data
• Rules extension data
• Object link data
• Management agent run profiles
• Management agent run history
• Joiner log
The MicrosoftIdentityIntegrationServer database does not contain any of the following:
• Event log files
• Contents of the directory at C:\ProgramFiles\Microsoft Identity Integration Server\MaData
• Administrative scripts
Example:
Backup Strategies for MIIS Database:
Backing Up the MIIS 2003 Encryption Key:
You need to regularly back up the encryption key that MIIS 2003 uses to encrypt data and credentials. Failure to back up encryption keys can lead to loss of encrypted data and credentials. To back up the encryption key, use the MIIS Key Management Utility.
The MIIS Key Management Utility has two different user interfaces:
1. command line and
2. Windows wizard.
For most backup and restore operations of the encryption key, the command line interface is sufficient. For more advanced backup operations of the encryption key, for example, to add a new encryption key to the key set or to abandon an existing key set and create a new set, you need to use the MIIS Key Management wizard.
1. command line and
2. Windows wizard.
For most backup and restore operations of the encryption key, the command line interface is sufficient. For more advanced backup operations of the encryption key, for example, to add a new encryption key to the key set or to abandon an existing key set and create a new set, you need to use the MIIS Key Management wizard.
To back up the encryption key, you must be logged on as a member of an MIIS security group and have administrative credentials on the local computer.
To back up the MIIS 2003 encryption key by using the command line
1. On the server where MIIS 2003 is running, change the directory by typing the following at the command line:
cd %Programfiles%\Microsoft Identity Integration Server\bin
2. Type the following at the command line to save the encryption key to a floppy disk:
miiskmu /e a:keyback.bin /u miisadmin *
To back up the MIIS 2003 encryption key by using the MIISkmu wizard:
1. Click Start, point to All Programs and Microsoft Identity Integration Server, and then click Key
Management Utility.
2. Follow the instructions in the wizard.
Note: When using the MIISkmu wizard, you might need to stop the Microsoft Identity Integration Server service in Windows Services in order to enable advanced options.
No comments:
Post a Comment