Chat now with support
Chat with Support

Identity Manager 8.0 - Target System Synchronization Reference Guide

Target Synchronization with the Synchronization Editor Basics of Target System Synchronization Setting up Synchronization
Starting the Synchronization Editor Creating a Synchronization Project How to Configure Synchronization
Setting Up Mappings Setting up Synchronization Workflows Connecting Systems Editing the Scope Using Variables and Variable Sets Setting up Start up Configurations Setting up Base Objects
Overview of schema Classes Customizing Synchronization Configuration Checking Synchronization Configuration Consistency Activating the Synchronization Project
Running Synchronization Synchronization Analysis Setting up Synchronization with Default Connectors Updating Existing Synchronization Projects Additional Information for Experts Error Handling Appendix: Example of a Configuration File

How to Create Property Mapping Rules

How to Create Property Mapping Rules

To create a property mapping rule

  1. Select the category Mappings.
  2. Select a mapping in the navigation view.
  3. Click in the rule view menu bar for property mapping rules.
  4. Select a rule type and enter the rule details.
  5. To create a rule from a template, click .
  6. Click OK.

To create a property mapping rule by "drag and drop".

  1. Select the category Mappings.
  2. Select a mapping in the navigation view.
  3. Select the schema property to map in the schema view.
  4. Drag the schema property with the mouse from one schema view onto the schema property in the other schema view.
  5. If the schema property data types match, a property mapping rule is added for the selected schema property. You can edit the rule details later.

    If the schema property data types do not match, the conflict wizard is started which helps you create the property mapping rules.

One Identity Manager helps you to set up new property mapping rules based on existing rules. Use the mapping wizard for this.

To create a property mapping rule with the mapping wizard

  1. Select the category Mappings.
  2. Select a mapping in the navigation view.
  3. Click in the rule view menu bar for property mapping rules.
  4. Follow the mapping wizard's instructions
  5. Test the new rule.

How to Edit Property Mapping Rules

How to Edit Property Mapping Rules

To edit a property mapping rule

  1. Select the category Mappings.
  2. Select a mapping in the navigation view.
  3. Double-click on the property mapping rule you want to edit in the rule view.
  4. Edit the rule details.
  5. Click OK.

How to Delete Property Mapping Rules

How to Delete Property Mapping Rules

To delete a property mapping rule

  1. Select the category Mappings.
  2. Select a mapping in the navigation view.
  3. Click in the rule view menu bar for property mapping rules.
  4. Confirm the security prompt with Yes.

Property Mapping Rule Details

Property Mapping Rule Details

Enter the following details for a property mapping rule.

Tip: To create a rule from a template, click .
Table 39: Property Mapping Rule Details
Detail Description
Rule Types Select the rule type for a new rule.
Value compare rule Compares the schema property value of the One Identity Manager schema with the value of a target system schema.
Multiple reference rule Compares multi-value schema properties. The value list are compared element by element. Missing values are added; superfluous value are deleted.
Rule name Name for the rule. The rule name must be unique within a mapping.

Click to change rule names. The rule name is used as key. Changes to the rule name may cause errors.

Display name Rule display name.
Mapping directionClosed Specify the permitted mapping direction for mapping selected schema properties.
Both directions Property mapping ruleClosed is applied for both synchronization in the direction of the target system and synchronization direction One Identity Manager.
Target system Property mapping rule is only used for synchronizing in the direction of the target system.
One Identity Manager Property mapping rule is only used for synchronizing in the direction of the One Identity Manager.
Do not assign

The property mapping rule is ignored.

You can set this value to disable a property mapping rule.

Taken from mapping The mapping direction applies which is fixed in the mapping.
Ignore mapping direction restrictions on adding If this option is set, the specified mapping direction is ignored when new objects are added. Property mapping rules not assigned a mapping direction are also ignore when new objects are added.

If this option is not set, the specify mapping direction is valid when new objects are added.

NOTE: This option is set by default. Only disable it if the schema property is subject to system related limitations.

Example:

An Active Directory environment should be administrated through One Identity Manager. One Identity Manager is the master system for synchronizing both systems. The user account object GUIDs are, however, not mapped in One Identity Manager but in the Active Directory environment. The mapping direction "One Identity Manager" is set in object GUID. To prevent the object GUID of newly added user accounts from being written to the Active Directory environment, the option Ignore mapping direction restrictions on adding must not be set.

Description Spare text box for additional explanation.
Schema propertyClosed Select the schema properties to be mapped.
Do not overwrite The schema property value is only changed by synchronization if the schema property does not contain a value.
MappingClosed condition Condition under which the property mapping rule is used.

Click Create condition to create the condition with the wizard. For more information, see Wizard for Entering Filters.

Example: Left.CanonicalName = 'Managed Service Accounts'

The property mapping rule is applied to all objects assigned to the container "Managed Service Accounts" in One Identity Manager.

Table 40: Additional Detail of a Value Compare Rule
Detail Description
Force mapping against direction of synchronization If this option is set, the property mapping rule can also be applied if the synchronization mapping is in the opposite direction. For more information, see Mapping against the Direction of Synchronization.

"Target system" or "One Identity Manager" must be set as mapping direction. The property mapping rule may not be executed in both directions.

The option can only be set if Detect rogue modifications is not set.

Detecting rogue modifications If this option is set, rogue modifications are detected and logged. For more information, see Detecting Rogue Modifications.

This option can only be set if Force mapping against direction of synchronization is disabled.

Correct rogue modifications If this options is set, rogue modifications are corrected. For more information, see Detecting Rogue Modifications.

The option can only be set if Detect rogue modifications is set.

The option may only be set if the schema property that may changed through the correction has write-access.

Example:

Rogue modificationClosed should be corrected when schema property "DB abc" (in One Identity Manager) and "TS rst" (in the target system) are synchronized. The mapping direction is "Target system". The option Detect rogue modifications may only be set id the schema property "DB abc" has write-access.

Ignore case If this option is set, the mapping ignores case sensitivity.

If this option is not set, case sensitivity is taken into account in the mapping.

Deal with the first value of the property as a single value If a multi-value schema property is mapped using a value compare rule, the first value from the value list is taken into account by synchronization.
Table 41: Additional Detail of a Multi-Reference Mapping Rule
Member filter Description
Only include these Select all members in the value list to be mapped to the schema property of the connected system.
Exclude these Select all members in the value list not to be mapped to the schema property of the connected system.
Related Documents