Use this method when Directory Server activations and inactivations are controlled exclusively by an external application such as Sun Java System Access Manager (formerly Sun JES Identity Server).
When you configure a custom method for Directory Server, you must specify the following:
How Identity Synchronization for Windows will detect that the external application has activated or inactivated an object in Directory Server.
How Identity Synchronization for Windows will activate or inactivate the object when synchronizing from Active Directory to Directory Server.
If you enable the Use custom method for Directory Server option, Identity Synchronization for Windows cannot lock objects out of the directory unless access to the directory is controlled by an external application, such as Access Manager.
To configure a Custom method for activations and inactivations, click the Configure button and the Configure Custom Method for Directory Server dialog box is displayed.
This dialog contains the following features:
Activation state attribute drop-down list : Use this list to specify an attribute that Identity Synchronization for Windows will use to synchronize activations and inactivations between Directory Server and Active Directory.
The list contains all attributes in the schema for the currently selected Directory Server structural and auxiliary objectclasses.
Value and State table: Use this table to specify when values associated with the selected attribute are activated or inactivated.
Value column: Use this column (in conjunction with the New and Remove buttons) to specify attribute values that will be used to indicate active or inactive states.
The program automatically provides two values in this column:
No Value: Where the Activation state attribute has no value.
All Other Values: Where the Activation state attribute has a value, but that value is not specified in this Value and State table.
State column: Use this column to specify whether the Value entry (in the same row) corresponds to an object that is activated or inactivated.
Value |
State |
Result |
No Value |
Activated |
If the attribute is missing or does not have a value, Identity Synchronization for Windows detects the object as activated. |
Inactivated |
If the attribute is missing or does not have a value, Identity Synchronization for Windows detects the object as inactivated. |
|
user-definedvalues |
Activated |
If the attribute has the user-defined attribute, Identity Synchronization for Windows detects the object as activated. |
Inactivated |
If the attribute has the user-defined attribute, Identity Synchronization for Windows detects the object as inactivated. |
|
All Other Values |
Activated |
If the attribute has a value, but that value is not specified in the table, Identity Synchronization for Windows detects the object as activated. |
Inactivated |
If the attribute has a value, but that value is not specified in the table, Identity Synchronization for Windows detects the object as inactivated. |
New button: Click this button to add new entries to the Value column.
Remove button: Select an entry in the Value column, and then click this button to remove that entry.
Activated value and Inactivated value drop-down lists: Use these two lists to specify values that Identity Synchronization for Windows will use to set an object’s state.
Synchronizing Activations and Inactivations