Document Information


Part I Installing Identity Synchronization for Windows

1.  Understanding the Product

2.  Preparing for Installation

3.  Installing Core

4.  Configuring Core Resources

5.  Installing Connectors

6.  Synchronizing Existing Users and User Groups

7.  Removing the Software

8.  Configuring Security

9.  Understanding Audit and Error Files

Part II Identity Synchronization for Windows Appendixes

A.  Using the Identity Synchronization for Windows Command Line Utilities

B.  Identity Synchronization for Windows LinkUsers XML Document Sample

C.  Running Identity Synchronization for Windows Services as Non-Root on Solaris

D.  Defining and Configuring Synchronization User Lists for Identity Synchronization for Windows

E.  Identity Synchronization for Windows Installation Notes for Replicated Environments



This guide covers installation and configuration information for Sun Java System Identity Synchronization for Windows.

Who Should Use This Book

If you are installing Directory Server Enterprise Edition software for evaluation purposes only, put this guide aside for now, and see Sun Directory Server Enterprise Edition 7.0 Evaluation Guide.

This Installation Guide is for administrators deploying Directory Server Enterprise Edition, Directory Service Control Center, and Identity Synchronization for Windows software. This document also covers configuration of Identity Synchronization for Windows.

Before You Read This Book

Review pertinent information in the Sun Directory Server Enterprise Edition 7.0 Release Notes.

If you are deploying Directory Server Enterprise Edition software in production, also review pertinent information in the Sun Directory Server Enterprise Edition 7.0 Deployment Planning Guide.

Readers installing Identity Synchronization for Windows should be familiar with the following technologies:

Sun Directory Server Enterprise Edition Documentation Set

This documentation set explains how to use Sun Directory Server Enterprise Edition to evaluate, design, deploy, and administer directory services. In addition, it shows how to develop client applications for Directory Server Enterprise Edition. The Directory Server Enterprise Edition documentation set is available at

The following table lists all the available documents.

Table P-1 Directory Server Enterprise Edition Documentation

Document Title
Contains the latest information about Directory Server Enterprise Edition, including known problems.
Contains links to key areas of the documentation set that help you to quickly locate the key information.
Introduces the key features of this release. Demonstrates how these features work and what they offer in the context of a deployment that you can implement on a single system.
Explains how to plan and design highly available, highly scalable directory services based on Directory Server Enterprise Edition. Presents the basic concepts and principles of deployment planning and design. Discusses the solution life cycle, and provides high-level examples and strategies to use when planning solutions based on Directory Server Enterprise Edition.
Explains how to install the Directory Server Enterprise Edition software. Shows how to configure the installed software and verify the configured software.
Provides upgrade instructions to upgrade the version 6 installation and migration instructions to migrate version 5.2 installations.
Provides command-line instructions for administering Directory Server Enterprise Edition.

For hints and instructions about using the Directory Service Control Center, DSCC, to administer Directory Server Enterprise Edition, see the online help provided in DSCC.

Shows how to develop directory client applications with the tools and APIs that are provided as part of Directory Server Enterprise Edition.
Introduces technical and conceptual foundations of Directory Server Enterprise Edition. Describes its components, architecture, processes, and features.
Describes the command-line tools, schema objects, and other public interfaces that are available through Directory Server Enterprise Edition. Individual sections of this document can be installed as online manual pages.
Provides information for defining the scope of the problem, gathering data, and troubleshooting the problem areas by using various tools.
Provides general guidelines and best practices for planning and deploying Identity Synchronization for Windows.
Describes how to install and configure Identity Synchronization for Windows.
Provides additional installation instructions in context of Directory Server Enterprise Edition 7.0.

For an introduction to Directory Server Enterprise Edition, review the following documents in the order in which they are listed.

image:DSEE documentation map

Related Reading

The SLAMD Distributed Load Generation Engine is a Java application that is designed to stress test and analyze the performance of network-based applications. This application was originally developed by Sun Microsystems, Inc. to benchmark and analyze the performance of LDAP directory servers. SLAMD is available as an open source application under the Sun Public License, an OSI-approved open source license. To obtain information about SLAMD, go to SLAMD is also available as a project. See

Java Naming and Directory Interface (JNDI) supports accessing the Directory Server using LDAP and DSML v2 from Java applications. For information about JNDI, see The JNDI Tutorial contains detailed descriptions and examples of how to use JNDI. This tutorial is at

Directory Server Enterprise Edition can be licensed as a standalone product, as part of a suite of Sun products, such as the Sun Java Identity Management Suite, or as an add-on package to other software products from Sun.

Identity Synchronization for Windows uses Message Queue with a restricted license. Message Queue documentation is available at

Identity Synchronization for Windows works with Microsoft Windows password policies.

Redistributable Files

Directory Server Enterprise Edition does not provide any files that you can redistribute.

Default Paths and Command Locations

This section explains the default paths used in documentation, and provides locations of commands on different operating systems and deployment types.

Default Paths

The table in this section describes the default paths that are used in this document. For complete descriptions of the files installed, see Chapter 1, Directory Server Enterprise Edition File Reference, in Sun Directory Server Enterprise Edition 7.0 Reference.

Table P-2 Default Paths

Default Value
Represents the base installation directory for Directory Server Enterprise Edition software.
When you install from a zip distribution using unzip, the install-path is the current-directory/dsee7.

When you install from a native package distribution, the default install-path is /opt/SUNWdsee7.

Represents the full path to an instance of Directory Server or Directory Proxy Server.

Documentation uses /local/dsInst/ for Directory Server and /local/dps/ for Directory Proxy Server.

No default path exists. Instance paths must nevertheless always be found on a local file system.

On Solaris systems, the /var directory is recommended:

Represents the parent directory of the Identity Synchronization for Windows installation location
Depends on your installation. Note that the concept of a serverroot no longer exists for Directory Server and Directory Proxy Server.
Represents the Identity Synchronization for Windows instance directory
Depends on your installation
Represents the default path and file name of the client’s certificate database for Identity Synchronization for Windows
Represents the default path to the Identity Synchronization for Windows local log files for the System Manager, each connector, and the Central Logger
Depends on your installation
Represents the default path to the Identity Synchronization for Windows central log files
Depends on your installation

Command Locations

The table in this section provides locations for commands that are used in Directory Server Enterprise Edition documentation. To learn more about each of the commands, see the relevant man pages.

Table P-3 Command Locations

Native Package Distribution
Zip Distribution
Solaris, Linux, HP—UX —


Windows -


Not provided
At the root of the unzipped zip distribution

Typographic Conventions

The following table describes the typographic conventions that are used in this book.

Table P-4 Typographic Conventions

The names of commands, files, and directories, and onscreen computer output
Edit your .login file.

Use ls -a to list all files.

machine_name% you have mail.

What you type, contrasted with onscreen computer output
machine_name% su


Placeholder: replace with a real name or value
The command to remove a file is rm filename.
Book titles, new terms, and terms to be emphasized
Read Chapter 6 in the User's Guide.

A cache is a copy that is stored locally.

Do not save the file.

Note: Some emphasized items appear bold online.

Shell Prompts in Command Examples

The following table shows the default UNIX system prompt and superuser prompt for the C shell, Bourne shell, and Korn shell.

Table P-5 Shell Prompts

C shell
C shell for superuser
Bourne shell and Korn shell
Bourne shell and Korn shell for superuser

Shell Prompts in Command Examples

The following table shows default system prompts and superuser prompts.

Table P-6 Shell Prompts

C shell on UNIX and Linux systems
C shell superuser on UNIX and Linux systems
Bourne shell and Korn shell on UNIX and Linux systems
Bourne shell and Korn shell superuser on UNIX and Linux systems
Microsoft Windows command line

Symbol Conventions

The following table explains symbols that might be used in this book.

Table P-7 Symbol Conventions

[ ]
Contains optional arguments and command options.
ls [-l]
The -l option is not required.
{ | }
Contains a set of choices for a required command option.
-d {y|n}
The -d option requires that you use either the y argument or the n argument.
${ }
Indicates a variable reference.
References the value of the com.sun.javaRoot variable.
Joins simultaneous multiple keystrokes.
Press the Control key while you press the A key.
Joins consecutive multiple keystrokes.
Press the Control key, release it, and then press the subsequent keys.
Indicates menu item selection in a graphical user interface.
File -> New -> Templates
From the File menu, choose New. From the New submenu, choose Templates.

