Identity Finder Information and Discussion

Best practices and other information.  Please add to and modify this list as appropriate

Server configuration 

• SQL Server hardware configurations for Identity Finder 4's Console Server
• Communication with clients
  • All communication between the clients and the service is encrypted regardless of whether https is used.  ID Finder tech support says: "For the /Console access HTTPS is fine, however there could potentially be issues with the /Services application (/Services is what the client uses to send data to the console).  The issue is that if the HTTPS certificates are not fully trusted on the client, then it will not allow communication with the server.  HTTPS is not necessary on the /Services application because the Identity Finder Client will encrypt all data with AES encryption before sending it to the server.  Our recommended configuration is to have HTTPS enabled for /Console but not for /Services.  If you are unable to use this type of configuration let us know and we can try and help you get HTTPS working for /Services."
  • If server is unavailable, clients store report information until server can be contacted
  • Clients update their policy settings from the server every 5 minutes (300 seconds) by default.  This can be changed via the policy/registry setting Console\pollingInterval).  The server never inititates a connection to the client - the client always initiates, which makes client firewall management much easier.
    

Client configuration

• Draft MSI configuration and server policy configuration for CALS
• Procedure to update custom MSI files when versions change
• Command line switches
• What files does Identity Finder scan?
• File extension exclusions
• ILR's v.3.x Client registry settings
• ILR's v.3.x client autorun scripts
• Delete the user profile (which also resets the password)
  

User documentation

• CALS IDF step-by-step walkthrough

Issues and concerns

• Clients cannot scrub Office docs older than version 2007
• Clients cannot scrub PDF docs
• Does not scan Filemaker files reliably (especially post FM V.6)
• Crashing with the Mac client
• Deleting emails inside Eudora and T-Bird mailboxes from the client is highly problematic
• Doing a clean uninstall produces multiple systems in the Console, with an IDF-generated GUID appended
• Console does not seem to sync with AD (it will do an initial sync, but doing it on a schedule does not appear to work
• Console is unbelievably slow
• If multiple users on the same computer use Identity Finder with their own user settings, upon uninstall, user settings will only be removed from the profile of the user who does the install
• MAPI32.DLL error with Eudora 6.2.5.6.  User will be unable to launch Identity Finder (will see the password prompt and then an error: is "The ordinal 30 could not be located in the dynamic link library MAPI32.DLL".  ID Finder recommends the following: run fixmapi (the MS tool) - Click the Start button and choose Run.  In the run dialog box, type "fixmapi" without the quotes and click OK.  There will be no visual indication that anything happened.  Then reboot the machine and try again.  If that doesn't correct the issue, we have seen this issue occur when Eudora is set to use its MAPI server "Always" - please switch the value to "Only When Eudora Is Running" and then reboot and give it a try.