Chat now with support
Chat with Support

Identity Manager 9.0 LTS - Target System Synchronization Reference Guide

Target system synchronization with the Synchronization Editor Working with the Synchronization Editor Basics of target system synchronization Setting up synchronization
Starting the Synchronization Editor Creating a synchronization project Configuring synchronization
Setting up mappings Setting up synchronization workflows Connecting systems Editing the scope Using variables and variable sets Setting up start up configurations Setting up base objects
Overview of schema classes Customizing the synchronization configuration Checking the consistency of the synchronization configuration Activating the synchronization project Defining start up sequences
Running synchronization Synchronization analysis Setting up synchronization with default connectors Updating existing synchronization projects Script library for synchronization projects Additional information for experts Troubleshooting errors when connecting target systems Configuration parameters for target system synchronization Configuration file examples

Target system synchronization with the Synchronization Editor

The main feature of One Identity Manager is to mapClosed employees together with the main data and permissions available to them in different target systems. To achieve this, information about user accounts and permissions can be read from the target system into the One Identity Manager database and linked to employees. This provides an overview of the permissions for each employee in all of the connected target systems. One Identity Manager offers the option of managing user accounts and their permissions. You can provision modifications in the target systems. Employees are supplied with the necessary permissions in the connected target systems according to their function in the company. Regular synchronizationClosed keeps data consistent between target systems and the One Identity Manager database.

One Identity Manager instantiates connecting the various target systems to the Synchronization EditorClosed. Use this tool to configure data synchronization for any target system and specify which target system data is mapped to the One Identity Manager database. You also define the object propertiesClosed mapping and the synchronization sequence as a workflow.

One Identity Manager provides default mappings and workflows for synchronizing all target systems which are supported by the installed modules.

Architecture

Use the Synchronization EditorClosed to configure synchronization between the One Identity Manager database and a target system. A system connector takes over the connection to and communication with the target system. The system connector prepares target system objects propertiesCloseds, and methods such that they can be read and written by One Identity Manager. The system connector communicates with the target system and carries out all read and write operations.

Figure 1: One Identity Manager Target systemClosed synchronization components

Synchronization and provisioning

During target system synchronizationClosed with the One Identity Manager database, system objects and their properties are compared with one another. Synchronization results in the target system and One Identity Manager database having an identical data structure. Some target systems are supported by default. For these target systems, One Identity Manager provides default processes and workflows.

Provisioning

In addition, changes to One Identity Manager database objects can be promptly provisioned in the connected target systems. For standard target systems, One Identity Manager provides default processes and workflows for provisioning.

The same workflows and mappings can be used for provisioning as for synchronization. The processing methods defined in the synchronization stepClosed are only run during provisioning if the condition defined in the processing method is fulfilled and the synchronization and mapping directionsClosed for the object to process match.

Object changes are not provisioned in target system connections with read-access only.

Synchronization of single objects

For standard target systems, Changes made to individual objects in the target system can be immediately applied in the One Identity Manager database without having to start a full synchronization of the target system environment. provides dOne Identity Managerefault processes and workflows for synchronizing single objects.

The same workflows and mappings can be used for single object synchronization as for synchronization. The processing methods defined in the synchronization step are only run during single object synchronization if the condition defined in the processing method is fulfilled and the synchronization and mapping directions for the object to process match.

Individual objects can only be synchronized if the object is already present in the One Identity Manager database. The changes are applied to the mapped object propertiesClosed. If the object is no longer present in the target system, then it is deleted from the One Identity Manager database.

Related topics

Working with the Synchronization Editor

The Synchronization EditorClosed is the One Identity Manager tool you use to configure synchronization of the One Identity Manager database on the one side and any target system on the other. The Synchronization Editor provides a homogeneous interface for all target systems to be controlled.

You can run the following tasks with the Synchronization Editor:

  • Set up a connection to any target system
  • Load target system schema and mapping with the One Identity Manager database schema (called "One Identity Manager schema" in the following)
  • Specify key object propertiesClosed based on which the other associated objects are identified during synchronization (object matching rules).
  • Specify the base object and scope of synchronization
  • Define filters to limit the number of objects to synchronize
  • Specify the direction of synchronization
  • Define the synchronization workflowClosed
    • Select schema classes to be synchronized
    • Specifying processing methods
    • Define the sequence of synchronization steps
  • Specify the time and frequency of synchronization

There are different ways to start the Synchronization Editor.

  • From the Windows start menu using the One Identity > One Identity Manager > Configuration > Synchronization Editor entry.

  • From the Launchpad.

  • In the Manager

  • From the command line.

Self Service Tools
Knowledge Base
Notifications & Alerts
Product Support
Software Downloads
Technical Documentation
User Forums
Video Tutorials
RSS Feed
Contact Us
Licensing Assistance
Technical Support
View All
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating