Sun Identity Manager Deployment Guide

Choosing the First Resource

Ideally, the first resource you use to load accounts into Identity Manager has the following characteristics:

The following diagram illustrates a small scenario in which a company has three types of resources. Most of the company’s workers are defined in a Human Resources application, such as PeopleSoft or SAP. However, the company does not enter contractors in the HR application, so the contractors cannot be loaded into Identity Manager using this application. The Active Directory also defines most, but not all, users. (These users might be factory workers with no need for computer access.) Thus, the majority of users are defined in both resources, but neither contains all the users. Some workers also have UNIX accounts.

Figure 4–1 Small Dataloading Scenario

This diagram illustrates that users are not always defined
on all resources.

Which resource should be selected as the first resource? The UNIX resource can be safely eliminated, because it does not contain a comprehensive set of users. Active Directory and the HR application contain about the same number of users, so neither has a clear advantage.

Factors that can help determine whether the Active Directory or HR application should be loaded first include the following: