tschloesser Outstanding Contributor.
Outstanding Contributor.
562 views

Internal or external DB


Hi,

can anybody povide information on the utilization of the internal DB?

How well does the intzernal DB scale and at when would it be best
practice to use en external DB?

According to the documentation only MSSQL and Oracle are supprted, but
when I go through the configuration optins I can find hints that MYSql
can be configured as well. If this is the cas can we use PostgesSQL or
any other DB?

Are there any special configurations to be done in the external DB or
does the service create the DB schema during start?

Thanks,

Thorsten


--
tschloesser
------------------------------------------------------------------------
tschloesser's Profile: https://forums.netiq.com/member.php?userid=3232
View this thread: https://forums.netiq.com/showthread.php?t=53688

0 Likes
7 Replies
Knowledge Partner
Knowledge Partner

Re: Internal or external DB

tschloesser wrote:

>
> Hi,
>
> can anybody povide information on the utilization of the internal DB?
>
> How well does the intzernal DB scale and at when would it be best
> practice to use en external DB?


I thought it stated in the doc that using only the internal DB is only recommended for test/demo environments.
Production deployments should use schema extensions in your LDAP directory and/or an external DB.

> According to the documentation only MSSQL and Oracle are supprted, but
> when I go through the configuration optins I can find hints that MYSql
> can be configured as well. If this is the cas can we use PostgesSQL or
> any other DB?


Not sure, I configured but it appears to be very generic. So likely will work (but unsupported).

> Are there any special configurations to be done in the external DB or
> does the service create the DB schema during start?


The service creates schema during startup. All it needs is an account with the relevant rights to do so.
Alex McHugh - Knowledge Partner - Stavanger, Norway
Who are the Knowledge Partners
If you appreciate my comments, please click the Like button.
If I have resolved your issue, please click the Accept as Solution button.
0 Likes
tschloesser Outstanding Contributor.
Outstanding Contributor.

Re: Internal or external DB


Hi,

according to the documentation:

-LocalDB is a local embedded
database. SSPR uses it for
storing local data. LocalDB
requires no administration or maintenance
, and the default values are sufficient.
-

Im am storing challenges for in eDirectory. So at this point in time I
guess I am only storing tokens and statistical data in the internal DB.

The system has about 20k Users - will this work with the internal DB?

Can anybody ghimmy a clue how large the (external) DB can possibly grow
in the descriped environment?

Thanks,

Thorsten


--
tschloesser
------------------------------------------------------------------------
tschloesser's Profile: https://forums.netiq.com/member.php?userid=3232
View this thread: https://forums.netiq.com/showthread.php?t=53688

0 Likes
Knowledge Partner
Knowledge Partner

Re: Internal or external DB

If curious what is in there you can always export the LocalDB using the
command line or ConfigManager. Since you are storing challenges in the
directory (as I think everybody should) the LocalDB is probably going to
remain pretty small. With only 20,000 users you're possibly around 200
password changes per day, which as you may imagine is almost nothing.

If doing the LocalDB option (which I prefer simply because it's simple,
has fewer points of failures, etc.) I recommend being sure you have your
disaster/recovery plans setup properly to handle what happens if the
database goes crazy (files corrupted somehow, disk runs out of space if
poorly planned, etc.) which basically means regular/frequent backups that
you know work. If you're running SSPR in a VM then maybe having that VM
be able to quickly move to a new VM host can help with high availability.
Not doing these things is not the end of the world, but since this is a
user-facing application downtime is noticed, so doing them means less
glaring from other folks if things ever go wrong with any part of the
system (from server or network hardware through the LocalDB).

--
Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below...
0 Likes
Knowledge Partner
Knowledge Partner

Re: Internal or external DB

tschloesser wrote:

>
> Hi,
>
> according to the documentation:
>
> -LocalDB is a local embedded
> database. SSPR uses it for
> storing local data. LocalDB
> requires no administration or maintenance
> , and the default values are sufficient.
> -
>
> Im am storing challenges for in eDirectory. So at this point in time I
> guess I am only storing tokens and statistical data in the internal DB.


Weren't there some limitations on token types if you used LocalDB?
We're not using challenges at all. I preferred to not extend the directory schema at all and put everything possible into an external database. Really depends on your plans for expansion and use case for the product.
Alex McHugh - Knowledge Partner - Stavanger, Norway
Who are the Knowledge Partners
If you appreciate my comments, please click the Like button.
If I have resolved your issue, please click the Accept as Solution button.
0 Likes
Knowledge Partner
Knowledge Partner

Re: Internal or external DB

On 6/16/2015 9:29 AM, Alex McHugh wrote:
> tschloesser wrote:
>
>>
>> Hi,
>>
>> according to the documentation:
>>
>> -LocalDB is a local embedded
>> database. SSPR uses it for
>> storing local data. LocalDB
>> requires no administration or maintenance
>> , and the default values are sufficient.
>> -
>>
>> Im am storing challenges for in eDirectory. So at this point in time I
>> guess I am only storing tokens and statistical data in the internal DB.

>
> Weren't there some limitations on token types if you used LocalDB?
> We're not using challenges at all. I preferred to not extend the directory schema at all and put everything possible into an external database. Really depends on your plans for expansion and use case for the product.


To me the biggest issue of Local vs other vs LDAP is when you need to
load balance SSPR across more than 1 node.

LDAP is nice, since there is this distributed database already up,
running and properly configured.

I wish we could store EVERYTHING in LDAP, since that is easier to
replicate.

0 Likes
tschloesser Outstanding Contributor.
Outstanding Contributor.

Re: Internal or external DB


geoffc;258056 Wrote:
> On 6/16/2015 9:29 AM, Alex McHugh wrote:
>
> To me the biggest issue of Local vs other vs LDAP is when you need to
> load balance SSPR across more than 1 node.
>
> LDAP is nice, since there is this distributed database already up,
> running and properly configured.
>
> I wish we could store EVERYTHING in LDAP, since that is easier to
> replicate.


Hi,

at this time I have no clue what kind of informations are stored in the
(internal) DB. Maybe just to check I setup an external DB to be shure
😉
Or does anybody know of a way to dig into the internal database to get
an idea what is actiually stored there?

When I recall the configuration options challenges, tokens and password
history (I guess the information what happend and when) can be stored in
LDAP(eDir) but I guess there is more stored in the DB and it ist not
planed to store every data in LDAP.

Regards,

Thorsten


--
tschloesser
------------------------------------------------------------------------
tschloesser's Profile: https://forums.netiq.com/member.php?userid=3232
View this thread: https://forums.netiq.com/showthread.php?t=53688

0 Likes
Knowledge Partner
Knowledge Partner

Re: Internal or external DB

tschloesser wrote:

> Or does anybody know of a way to dig into the internal database to get
> an idea what is actiually stored there?


Yes you can export the LocalDB to a file using the command:

SSPRCommand.bat ExportSSPRDB

this is explained in the docs, albiet helpfuly hidden under upgrading:
https://www.netiq.com/documentation/sspr3/adminguide/data/b14uca7r.html

Also look at this TID.

https://www.netiq.com/support/kb/doc.php?id=7015912
Alex McHugh - Knowledge Partner - Stavanger, Norway
Who are the Knowledge Partners
If you appreciate my comments, please click the Like button.
If I have resolved your issue, please click the Accept as Solution button.
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.