サポートと今すぐチャット
サポートとのチャット

Identity Manager 9.1 - Target System Synchronization Reference Guide

Target system synchronization with the Synchronization Editor Working with the Synchronization Editor Basics of target system synchronization Setting up synchronization
Starting the Synchronization Editor Creating a synchronization project Configuring synchronization
Setting up mappings Setting up synchronization workflows Connecting systems Editing the scope Using variables and variable sets Setting up start up configurations Setting up base objects
Overview of schema classes Customizing the synchronization configuration Checking the consistency of the synchronization configuration Activating the synchronization project Defining start up sequences
Running synchronization Synchronization analysis Setting up synchronization with default connectors Updating existing synchronization projects Script library for synchronization projects Additional information for experts Troubleshooting errors when connecting target systems Configuration parameters for target system synchronization Configuration file examples

How to delete a mapping

To delete a mappingClosed

  1. Select the Mappings category.
  2. Select a mapping in the navigation view.
  3. Click in the navigation view.
  4. Confirm the security prompt with Yes.
  5. Save the changes.

Properties of a mapping

Enter the following properties for a mappingClosed.

Table 37: Properties of a mapping

Properties

Meaning

Mapping name

Display name for the mapping. The name must be unique within a synchronization projectClosed. Mapping name is used as key. It cannot be changed after saving.

Mapping directionClosed

Mapping direction permitted for all property mapping rules.

Both directions

Property mapping rules are applied to synchronization in both the direction of the target system and One Identity Manager.

Target systemClosed

Property mapping rules are only used for synchronizing in the direction of the target system.

One Identity Manager

Property mapping rules are only used for synchronizing in the direction of One Identity Manager.

Description

Text field for additional explanation.

Hierarchy synchronization

Specifies whether the mapping is part of the hierarchy. This option is important for optimizing synchronization.

Example:

In Active Directory, all the objects in one container are subordinate. Therefore, the containers map a part of the object hierarchy. Set the Hierarchy synchronization option in the container mapping.

Only suitable for updates

Specifies whether schema class objects are never added during synchronization but only updated or deleted.

This option can be used, for example, if not all target system type mandatory properties in One Identity Manager are editable. Example: Active Directory domains.

Can map through multiply referenced objects

Specifies whether mapping by multi-reference rule should be used to mapped referenced objects.

This option must be set, if more than one mapping is set up for a schema type and the schema type is used as a member in a multiple reference rule. You must decide which of these mappings is going to used to map schema properties and to identify the system objects, Normally, the schema type's default mapping is used.

The option can only be set on one mapping of each schema type.

If more than one mapping is defined for a schema type and the option is not set on any mapping, a message appears on all property mapping rules that the schema type uses.

Schema classClosed in One Identity Manager

One Identity Manager schema class valid for this mapping. Displays all schema classes with a configured mapping, in the menu.

  • Click to edit schema class properties.

Create a new schema class to set up a mapping for another schema type.

  • Click to create a new schema class.

SchemaClosed class in the target system

Target system schemaClosed class valid for this mapping. Displays all schema classes with a configured mapping, in the menu.

  • Click to edit schema class properties.

Create a new schema class to set up a mapping for another schema type.

  • Click to create a new schema class.

Detailed information about this topic

Schema class properties

Enter the following properties for a schema class:

Table 38: Schema class properties

Property

Meaning

Class types

Types of schema classes. The class type can only be specified when a new schema class is added.

Generic schema class

Schema classClosed without a filter function.

Unique objects

SchemaClosed classes, which filter objects based on unique values from different properties. Only distinct objects are filtered. This prevents the system connector from trying to add objects that already exist.

Schema typeClosed

Select the schema type for which you want to create a schema class.

Display name

Schema class display name.

Class name

Unique schema class identifier By default, the class name is based on the schema type. The class name must be unique within a schema type.

Description

Text field for additional explanation.

Distinction

Schema properties, which form a unique value when combined.

This only applies to schema classes with the class type "Unique objects"

CAUTION: The schema class filters objects in an undefined order. Therefore, the result may not be the same each time the filter is used.

Only use this class type for mapping in the direct of One Identity Manager. Otherwise, you cannot guarantee that the same object is updated every time the CSV file is written.

FilterClosed

System filterClosed

Filter that immediately affects the connection system.

Enter the filter in system specific notation, for example, as Where clause for a database system or as LDAP filter for an LDAP system.

If tested against a fixed value that contains at least two dollar characters, the dollar characters must be masked.

NOTE: The system filter does not work, if changes are being provisioned. Therefore, it may not filter more objects than the object selection.

Object selectionClosed

Filter that affects loaded objects.

Condition

Formulate a query for loaded objects. Use the wizard for entering filter.

Script

You can also store a script which determines system objects. The script must be written in the script language specified in the synchronization projectClosed.

NOTE: Object selection must include the filter criteria of the system filter so that One Identity Manager can also assign schema class object when provisioning.

Related topics

Use cases for class types

You want to import employee and organizationClosed data from an external personnel management system into One Identity Manager. All the data is provided in a CSV file and transferred to the database through the CSV connectorClosed in the One Identity Manager database.

Table 39: Example of a CSV file

 

Lastname

FirstName

Department

Location

1

Name1

User1

Marketing

London

2

Name2

User2

Marketing

Berlin

3

Name3

User3

Marketing

London

4

Name4

User4

Sales

Berlin

5

Name5

User5

Sales

London

6

Name6

User6

Sales

Berlin

Employee objects, departments, and location will be added to the One Identity Manager database from this data. The CSV synchronizationClosed exits with an error when a second object with the same name is added because the names of the departments and location are not unique. This can be prevented.

Which objects should be created?

  1. Employees with the LastName and FirstName properties. Object can be uniquely identified through these two properties. The file contain six different objects.

  2. Departments with the Department and Location properties. The file contains four different objects.

  3. Location with the Location property. The file contains two different objects.

For 2. and 3. distinct objects must be supplied Therefore, schema classes with the class type "Unique objects" are created in the mapping.

To set up the mappings

  1. Create a mapping for employees.

    • Create a new schema class in the target system.

      Select the Generic schema class class type and enter the mandatory data.

  2. Create a mapping for the department.

    • Create a new schema class in the target system.

      1. Select the Unique objects class type and enter the mandatory data.

      2. Enable Department and Location on the Distinction tab.

        The schema class filters exactly those objects from the CSV file that are unique identifiable by the combination of Department and Location.

  3. Create a mapping for the location.

    • Create a new schema class in the target system.

      1. Select the Unique objects class type and enter the mandatory data.

      2. Enable Location on the Distinction tab.

        The schema class filters exactly those objects from the CSV file that are unique identifiable by the Location property.

  4. Check the filter results in the target system browser.

    Table 40: SchemaClosed class definition results

    Schema classClosed

    Filtered Objects

    Employees

    Name1; User1

    Name2; User2

    Name3; User3

    Name4; User4

    Name5; User5

    Name6; User6

    Departments

    Marketing; London

    Marketing; Berlin

    Sales; London

    Sales; Berlin

    Locations

    London

    Berlin

関連ドキュメント

The document was helpful.

評価を選択

I easily found the information I needed.

評価を選択