Each mapping rule applies to a scope of objects. By default, this scope includes all objects that belong to the object types specified in the mapping rule. If necessary, you can narrow the scope specified for a particular mapping rule or you can revert to the default scope.
To change the scope of a mapping rule
These elements can take one of the following values:
Once you have created mapping rules for a mapping pair, you need to run the map operation in order to apply these rules and map objects that belong to the mapping pair. There are two methods to run the map operation: you can manually run the map operation once or you can create a recurring schedule to automatically run the map operation on a regular basis.
The latter method is recommended when you want to use Synchronization Service to synchronize passwords from an Active Directory domain to other connected systems.
Running mapping rules on a recurring schedule allows you to properly map newly-created Active Directory user objects to their counterparts in the connected systems where you automatically synchronize passwords with the Active Directory domain. If you do not run mapping rules on a regular basis, some passwords may become out of sync because of the changes that inevitably occur to your environment.
For example, new user objects are created, some user objects are deleted, but Synchronization Service cannot detect these changes and synchronize passwords for the newly-created users before you apply the mapping rules. In this scenario, the best way to ensure Synchronization Service synchronizes all passwords is to apply your mapping rules on a regular basis. You can accomplish this task by creating a recurring schedule for applying your mapping rules.
To run the map operation once
Wait for the map operation to complete.
After the map operation completes, the Synchronization Service Administration Console displays a report that provides information about the objects that participated in the map operation. At this stage, the application does not map the objects. To map the objects, you need to commit the map operation result.
You can click the number that is provided next to an object category name in the report to view the details of objects that belong to that category.
To automatically run the map operation on a recurring schedule
It is recommended to schedule the map operation to run once in every 6 hours.
The results of a scheduled map operation always apply automatically, you do not need to commit the changes.
When performing a scheduled map operation, Synchronization Service always retrieves the required data from the connected data systems and never uses the data available in the local cache.
You can unmap the objects that were mapped earlier.
To unmap objects
After the unmap operation completes, the Synchronization Service Administration Console displays a report which provides information about the objects that participated in the unmap operation. At this stage, the application does not unmap the objects. To unmap them, you need to commit the result of the unmap operation.
You can click the number provided next to an object category name in the report to view the details of objects that belong to that category.
© 2020 One Identity LLC. ALL RIGHTS RESERVED. Feedback 이용 약관 개인정보 보호정책