Reconciliation Policies and the Reconcile Policy View (Sun Identity Manager Deployment Reference)

Sun Identity Manager Deployment Reference

Reconciliation Policies and the Reconcile Policy View

Reconciliation policy settings are stored in a tree structure with the following general structure:

Settings can be specified at any point in the tree. If a level does not specify a value for a policy, it is inherited from the next highest policy.

The view represents an effective policy at a specified point in the policy tree, which is identified by the view name.

Table 3–43 ReconcilePolicy Tree and View Names


View Name	Description
`Default`	Addresses the root of the policy tree
`ResType`:`resource type`	Addresses the specified resource type beneath the root
`Resource`:`resource name`	Addresses the specified resource beneath the resource’s resource type

Values of policy settings are always policy values. Policy values can contain up to three components, as described in the following table.

Table 3–44 Policy Value Settings Attributes (ReconcilePolicy View)


Policy Value Settings	Description
`value`	Specifies the value of the setting.
`scope`	Identifies the scope from which this setting is derived. Values of scope include Local, ResType, and Default, indicating which level is specifying this policy. For example, a value of SCOPE_LOCAL indicates the value is set at the current policy level. SCOPE_LOCAL -- Policy is set at the resource level or current policy level SCOPE_RESTYPE -- Policy is set at the restype, or resource type, level SCOPE_GLOBAL. -- Policy is set at the global level
`inheritance`	Identifies the policy setting that is inherited at this level. If the scope is not Local, the inheritance will match the effective value. Not present on policy settings at the Default level.

To modify the view, users require Reconcile Administrator Capability.

To access the view, users require Reconcile Administrator or Reconcile Request Administrator capabilities.