MIM Event Broker Operational Considerations

The MIM Event Broker configuration should be well thought-out and tuned for the needs of the Identity Management solution. The following considerations should be taken into account when configuring and maintaining MIM Event Broker:

  • Clearing a management agent's connector space is a fairly intensive operation in MIM. During the deletion of a connector space, MIM Event Broker won't be able to interface with MIM. As a result, deletions of large connector spaces should be expected to prevent execution of operations for its duration.
  • Consider the consistency of the Identity Management solution before enabling MIM Event Broker. Some configurations may require the environment to be in a certain state before delta processing and core MIM Event Broker functionality should be enabled.
  • Full import and synchronization profiles can be time-consuming. It is recommended that delta import and delta synchronization profiles are used where possible, particularly for incoming Operation Lists.
  • Operations should be scheduled with environmental conditions in mind. For example, long-running Operation Lists should not be scheduled to run during database backup periods, or during periods of high activity where other users or systems may be affected. Consider the use of exclusion options in the Schedules.
  • Consider using the Clear Run History operation to clear entries older than 7 days. The operations run history of MIM consumes a significant part of the MIM database, and can also cause overall slowdown when it becomes bloated.
  • Consider scheduling semi-regular full synchronization operations that occur every few days to weekly, depending on the target system. This will assist in maintaining connector space consistency and ensure that any provisioning actions missed by delta processing are picked up.
  • Long running Operation Lists should be scheduled an appropriate distance apart from each other. To stop Operation Lists from running at the same time, where large numbers of changes are expected, the operation lists should all be placed in the same exclusion group. This will minimise or remove MIM database deadlocking.
  • Large or overly complex Operation Lists are not recommended. Progress will not resume from where processing was interrupted should operation list execution fail. In systems with large numbers of management agents, consider splitting functionality into separate operation lists.
  • Regular backups of the MIM Event Broker configuration should be taken by backing up the Extensibility directory, to ensure safe restore points where configuration may change regularly.
  • Keep in mind the constraints on parallelism that exist within MIM. Several full import operations are able to run simultaneously, however, the number of synchronization operations that can run at the same time may be limited depending on the number of systems in which the records are attached.
  • The MIM Event Broker Changes Activity for use in the MIM Portal requires the respective operation list to be enabled, and service to be running - this should also be noted if MIM Event Broker is being used to perform initial load. In this scenario, it is not advisable to disable the MIM Event Broker service or operation list unless the implications of failed workflow instances have been fully assessed.

Is this article helpful for you?