You have used the Synchronization EditorOne Identity Manager tool for configuring target system synchronization. to set up a synchronization project for initial synchronization with a cloud application. You can use this synchronization project to load cloud application objects into the One Identity Managercloud database. If you manage user accounts and their authorizations with One Identity Manager, changes are provisioned in the cloud application.
You must customize the synchronization configuration in order to compare the database with the cloud application regularly and to synchronize changes.
|
IMPORTANT: As long as synchronization is running, you must not start another synchronization for the same target system. This applies especially, if the same synchronization objects would be processed.
|
For more detailed information about configuring synchronization, see the One Identity Manager Target SystemAn instance of a target system in which the employees managed by One Identity Manager have access to network resources. Example: An Active Directory domain X for target system type "Active Directory", a directory Y for target system type "LDAP", a client Z for target system type "SAP R/3". Synchronization
The process of comparing data between One Identity Manager and a target system. Objects and their properties are compared by fixed rules. Synchronization results in the identical data situation in the target system and One Identity Manager database. Reference Guide.
The synchronization project for initial synchronization provides a workflow for initial loading of
To create a synchronization configuration for synchronizing a cloud application
Open the synchronization project in the Synchronization EditorOne Identity Manager tool for configuring target system synchronization..
This adds a workflow for synchronizing in the direction of the target system.
Run a consistency check.
All the schema data (schema types and schema properties) of the target system schema and the One Identity Manager schema are available when you are editing a synchronization project. Only a part of this data is really needed for configuring synchronization. If a synchronization project is finished, the schema is compressed to remove unnecessary data from the synchronization project. This can speed up loading the synchronization project. Deleted schema data can be added to the synchronization configuration again at a later point.
If the target system schema or the One Identity Manager schema has changed, these changes must also be added to the synchronization configuration. Then the changes can be added to the schema property mapping.
To include schema data that have been deleted through compressing and schema modifications in the synchronization project, update each schema in the synchronization project. This may be necessary if:
To update a system connection schema
Open the synchronization project in the Synchronization EditorOne Identity Manager tool for configuring target system synchronization..
- OR -
Select the categoryConfiguration | One Identity Manager connection.
This reloads the schema data.
To edit a mapping
Open the synchronization project in the SynchronizationThe process of comparing data between One Identity Manager and a target system. Objects and their properties are compared by fixed rules. Synchronization results in the identical data situation in the target system and One Identity Manager database. Editor.
Opens the MappingList of object matching rules and property mapping rules which map the schema properties of two connected systems to one another. Editor. For more detailed information about editing mappings, see One Identity Manager Target System
An instance of a target system in which the employees managed by One Identity Manager have access to network resources. Example: An Active Directory domain X for target system type "Active Directory", a directory Y for target system type "LDAP", a client Z for target system type "SAP R/3". Synchronization Reference Guide.
|
NOTE: The synchronization is deactivated if the schema of an activated synchronization project is updated. Reactivate the synchronization project to synchronize. |
When you start synchronization, all synchronization objects are loaded. Some of these objects have not be modified since the last synchronization and, therefore, must not be processed. SynchronizationThe process of comparing data between One Identity Manager and a target system. Objects and their properties are compared by fixed rules. Synchronization results in the identical data situation in the target system and One Identity Manager database. is accelerated by only loading those object pairs that have changed since the last synchronization. One Identity Manager uses revision filtering to accelerate synchronization.
SCIM supports revision filtering. The cloud objects' date of last change is used as revision counter. Each synchronization save its last execution date as revision in the the One Identity Manager database (table DPRRevisionStore, column Value). This value is used as a comparison for revision filtering when the same workflow is synchronized the next time. When this workflow is synchronized the next time, the cloud objects' change date is compared with theOne Identity Manager revision saved in the database. Only those objects that have been changed since this date are loaded from the cloud application.
The revision is found at start of synchronization. Objects changed after this point are included with the next synchronization.
RevisionHighest value for change data for all system objects to be synchronized when synchronization is run. This value is saved in the table "DPRRevisionStore", column "value". filtering can be applied to workflows and start up configuration.
To permit revision filtering on a workflow
Open the synchronization project in the Synchronization EditorOne Identity Manager tool for configuring target system synchronization..
To permit revision filtering for a start up configuration
Open the synchronization project in the Synchronization Editor.
For more detailed information about revision filtering, see the One Identity Manager Target SystemAn instance of a target system in which the employees managed by One Identity Manager have access to network resources. Example: An Active Directory domain X for target system type "Active Directory", a directory Y for target system type "LDAP", a client Z for target system type "SAP R/3". Synchronization Reference Guide.
© 2023 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy