To create a connection to One Identity Manager, you need to use Synchronization Service in conjunction with a special connector called One Identity Manager Connector. This connector is included in the Synchronization Service package.
The One Identity Manager Connector supports the following Synchronization Service features:
Feature |
|
Bidirectional synchronization Allows you to read and write data in the connected data system. |
Yes |
Delta processing mode Allows you to process only the data that has changed in the connected data system since the last synchronization operation, thereby reducing the overall synchronization operation time. |
Yes |
Password synchronization Allows you to synchronize user passwords from One Identity Manager domain to the connected data system. |
No |
In this section:
See also:
Synchronization Service supports One Identity Manager out of the box, so you can create a connection to Identity Manager just after you install Synchronization Service.
To create a new connection
The One Identity Manager modules, target systems, and containers are displayed.
|
NOTE: The One Identity Manager target systems and One Identity Manager containers are applicable only for the Target System Base module (UNS..B tables). |
To modify connection settings
The One Identity Manager modules, target systems, and containers are displayed.
|
NOTE: The One Identity Manager target systems and One Identity Manager containers are applicable only for the Target System Base module (UNS..B tables). |
One Identity Manager connector saves its configuration settings in the file OneIdentityManagerConnectorConfiguration.xml located in the folder <Active Roles installation folder>\One Identity ManagerConnector. You can edit the XML elements in the file to configure the various parameters of the One Identity Manager Connector. The table below describes the XML elements you can edit.
XML element |
Description |
<ExcludeDeletedObjects> |
Specifies how Active Roles will treat objects marked as deleted in Identity Manager. This element can take one of the following values:
Example: <ExcludeDeletedObjects> |
<PasswordAttributes> |
Specifies the default Identity Manager attribute to be used for storing passwords for objects of a particular type. Specifying an attribute for storing passwords in the Active Roles GUI overrides the value set in this XML element. Example: <PasswordAttributes> |
<ReadFullSync> |
Specifies a value of the FullSync variable for Read operations performed in Identity Manager. |
<CreateFullSync> |
Specifies a value of the FullSync variable for Create operations performed in Identity Manager. |
<ModifyFullSync> |
Specifies a value of the FullSync variable for Modify operations performed in Identity Manager. |
<DeleteFullSync> |
Specifies a value of the FullSync variable for Delete operations performed in Identity Manager. |
<ObjRefFullSync> |
Specifies a value of the FullSync variable for Modify Object Reference operations performed in Identity Manager. |
<SyncStatusFullSync> |
Specifies a value of the FullSync variable for Sync Status operations performed in Identity Manager. |
For more information about the FullSync variable and the values it can take, see the One Identity Manager documentation.
© 2021 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy