Sun Java System Identity Synchronization for Windows 6.0 Deployment Planning Guide

Components for Deploying Identity Manager and Identity Synchronization for Windows

This section explains the main components of the Identity Manager and Identity Synchronization for Windows deployment:

The Identity Manager Administrator Interface handles resource administration, such as system-wide password changes and user creations. All password changes between Directory Servers and Active Directory domains are synchronized using Identity Synchronization for Windows. Password changes that occur within an Active Directory Domain are synchronized to Directory Server using Identity Synchronization for Windows, and synchronized to all other Identity Manager resources using pwsync, an Identity Manager Dynamic Link Library (DLL) installed on the Primary Domain Controllers of Windows systems. All password changes originating from the Identity Manager Administrator Interface are subsequently propagated to all Identity Manager resources, except the Sun Java System Directory Server. All user creations originating from the Identity Manager Administrator Interface are propagated to all resources, including Directory Servers. See also Configuring pwsync to Not Propagate Passwords to Directory Server.

Figure B–1 Password Synchronization and User Creation in an Identity Manager and Identity Synchronization for Windows Environment

Password
Synchronization and User Creation in an Identity Manager-Identity Synchronization for Windows Environment