Oracle® Identity Manager Password Synchronization Module for Microsoft Active Directory Installation and Configuration Guide Release 9.0.1 Part Number B31129-01 |
|
|
View PDF |
Oracle Identity Manager is an advanced user account provisioning system for automatically granting and revoking access to enterprise applications and managed systems. The modular architecture of Oracle Identity Manager can handle most IT requirements, without requiring changes to existing infrastructure, policies, or procedures.
This chapter contains the following sections:
Components for Connecting Oracle Identity Manager to Microsoft Active Directory
Files and Directories That Comprise the Password Synchronization Module
Oracle Identity Manager provides the following components to link with Microsoft Active Directory:
Connector for Microsoft Active Directory
Password synchronization module for Microsoft Active Directory
Depending on your specific needs, you can deploy one or both of these components to connect Oracle Identity Manager and Microsoft Active Directory. Deployed together (along with LDAP over SSL), the connector and the password synchronization module provide full, bidirectional synchronization of all user attributes, including passwords.
The following table compares the functionality offered by both tools.
Functionality | Module | Connector |
---|---|---|
Updates Microsoft Active Directory with user account attributes (except for passwords) changed by Oracle Identity Manager | No | Yes |
Updates Oracle Identity Manager with user account attributes (except for passwords) changed by Microsoft Active Directory | No | Yes |
Updates Microsoft Active Directory with passwords changed in Oracle Identity Manager (requires LDAP over SSL) | No | Yes |
Updates Oracle Identity Manager with passwords changed in Microsoft Active Directory | Yes | No |
The connector for Active Directory updates user account attributes bidirectionally. However, passwords are updated only when the password is changed through Oracle Identity Manager, and not when it is changed through Active Directory.
The following figure illustrates the functionality of the connector for Microsoft Active Directory.
The password synchronization module for Active Directory updates password changes made only in Active Directory.
The following figure illustrates the functionality of the password synchronization module for Microsoft Active Directory.
The installation files for the module are compressed in the following ZIP file on the installation media:
Directory Servers\Microsoft Active Directory\Microsoft Active Directory Password Sync Rev 4.4.0.zip
These files and directories are listed in the following table.
Directory in the Installation Media | Contents |
---|---|
jpclient\lib |
|
xlhome\ext |
|
xlhome\install |
|
docs |
|