About the One Identity Synchronization Tool

2023-07-07Last updated

The Genetec ClearID™ One Identity Synchronization Tool is a Windows service that you can use to import identities information from an external system into Genetec ClearID™.

Genetec ClearID™ One Identity Synchronization Tool dialog showing connection information, data sources information, and synchronization settings.
The ClearID One Identity Synchronization Tool includes the following components:
  • Genetec.ClearID.OneIdentity.SynchronizationTool (OneIdentityConfigurationTool.exe) is the user interface component of the windows application that is used to configure the Synchronization Tool.
  • Genetec.ClearID.OneIdentity.SynchronizationService (OneIdentityService.exe) is the Windows service component of the application that performs external system attributes to ClearID identity attributes synchronization automatically in the background at intervals specified in the Synchronization Tool.

Data sources

You can select one or more data sources to be synchronized from an external system. Using the Data sources configuration dialog you configure the Data sources and map the One Identity attributes to their associated external system attributes.
Architecture diagram of the ClearID One Identity Synchronization Tool data synchronization that occurs between the ClearID web application and the data sources that contain external identity attributes information.
Azure Active Directory
The Azure AD data source is an Azure Active Directory that you can import identities information from. For example, importing identities, credentials, and pictures into ClearID.
Database
The database data source can be a Microsoft SQL Server database, an Oracle database, or an ODBC-compliant database that follows the one identity attribute mapping. The database must be accessible from the server where the ClearID One Identity Synchronization Tool is installed. One database can contain one table or view for identities information.
File
The file data source is a delimited text file. For example, a CSV file that follows the one identity attribute mapping, and must be accessible from the server where the ClearID One Identity Synchronization Tool is installed. Each file contains identities information.

Synchronization

Identities in ClearID can come from a variety of data sources (Databases, HR, External Sources) and can be synchronized using various tools (Genetec ClearID™ LDAP Synchronization Agent, Genetec ClearID™ API, or Genetec ClearID™ One Identity Synchronization Tool).
  • LDAP is typically used for Active Directory attributes synchronization into ClearID identities.
  • API is typically used for real-time updates. For example, to remove people quickly. This API synchronization option is the most flexible but it is expensive. 
  • One Identity is typically used for HR systems. For example, to synchronize all employees every day or every 4hrs. The ClearID One Identity Synchronization Tool is configured to synchronize at the same frequency.

One Identity data synchronization

The following information describes One Identity synchronization:
  • Synchronization of external system attributes into ClearID identity attributes is INBOUND only.
    CAUTION: Any changes only made to identities in ClearID can be overwritten by the next synchronization from the external system.
  • Synchronization can be performed manually using the Synchronize now () option, or automatically at the Automatic synchronization intervals specified in the One Identity Synchronization Tool.
    • For each One Identity field that is configured, a custom mapping to the External field in the external system is created. This mapping ensures that the external system attributes can be synchronized into the One Identity attribute fields.
The following diagram illustrates an Azure AD data synchronization:
Diagram of an Azure AD data synchronization in the ClearID One Identity Synchronization Tool showing the workflow steps that synchronize data between the Azure AD data source and the ClearID web application.
The synchronization workflow is essentially the same for all data sources:
  1. Data source information is requested.
  2. Data source information is returned.
  3. Any information changes are processed and detected.
  4. Data source information is pushed to the ClearID web application.

Sample SQL files

For the Database data source option, sample SQL script files are provided with the tool and can be found here:
C:\Program Files (x86)\Genetec ClearID One Identity Synchronization Service
  • Identities_Oracle.sql
  • Identities_SqlServer.sql
The sample SQL script files can be used to test the Database data source solution, or to help you understand the SQL data format.

Sample CSV files

For the File data source option, a sample CSV file is provided with the tool and can be found here:
C:\Program Files (x86)\Genetec ClearID One Identity Synchronization Service
  • Identities.csv
The sample CSV files can be used to test the File data source solution, or to help you understand the CSV data format.