Advanced Configuration

9 min

this document outlines advanced configuration techniques and troubleshooting steps for activate security group compliance manager (sgcm) it is intended for administrators and engineers managing complex or high scale environments advanced configuration sgcm offers flexible configuration options to extend monitoring scope, integrate with other activate products, and fine tune event processing extending the schema the default sgcm connector schema can be extended to include additional active directory attributes this allows organisations to monitor and respond to changes beyond the standard set to extend the schema open activate studio navigate to resources > active directory locate and edit the schema parameter add a new column definition using the following format \<column name="extensionattribute1" type="varchar(256)" default="''" /> after editing the schema, run the regenerate schema task to apply changes, then reimport data using the import workflow adjusting polling and event sensitivity sgcm’s polling frequency and event thresholds can be adjusted to balance performance and responsiveness true 220,220,221left unhandled content type left unhandled content type left unhandled content type left unhandled content type left unhandled content type left unhandled content type left unhandled content type left unhandled content type left unhandled content type left unhandled content type left unhandled content type left unhandled content type for high change environments, consider increasing connector polltime or setting maxchanges to a practical limit event handler customisation event handlers can be customised to include additional logic, such as department specific alerts or dynamic role lookups example department based notification \<events> \<update> \<notify> \<users>=//roles/departments/%=//current/department%\</users> \<message> \<subject>departmental group change detected\</subject> \<body>\<!\[cdata\[ a change to group membership was detected in the %=//current/department% department object %=//current/displayname% ]]>\</body> \</message> \</notify> \</update> \</events> performance tuning to optimise sgcm performance run the fullworkflowwithgroups workflow at intervals suitable for your environment avoid unnecessary attribute monitoring by disabling the @monitor flag on low priority columns regularly clean up historical compliance data using scheduled maintenance tasks ensure the activate orchestrator service has sufficient memory and processing capacity common issues and solutions true 220,220,221left unhandled content type left unhandled content type left unhandled content type left unhandled content type left unhandled content type left unhandled content type left unhandled content type left unhandled content type left unhandled content type left unhandled content type left unhandled content type left unhandled content type left unhandled content type left unhandled content type left unhandled content type left unhandled content type left unhandled content type left unhandled content type diagnostic tools use the following methods to diagnose sgcm issues activate logs – review orchestrator logs for event and workflow errors connector data view – inspect pending or failed change rows under resources > active directory audit history – check the audit log for recorded remediation actions or notifications sql queries – analyse connector tables to verify import status or object counts maintenance recommendations to maintain long term stability and accuracy perform a full reimport after significant ad structural changes archive or purge historical connector data regularly verify background polling workflows weekly schedule periodic restarts of the activate orchestrator during maintenance windows escalation and support if internal troubleshooting does not resolve the issue collect relevant log files from the activate orchestrator export event configurations from the affected domain resource contact your activate support representative with the error details, workflow configuration, and orchestrator logs summary advanced configuration allows sgcm to adapt to diverse organisational structures and compliance requirements with proper schema management, performance tuning, and event customisation, sgcm ensures continuous, accurate, and efficient monitoring of active directory environments