Reconciliation Rules
The following table provides information about the common Identity Manager processes
or tasks related to the reconciliation rules category:
Correlation Rule
Identity Manager invokes the Correlation rule during reconciliation to
associate a resource account with one or more Identity Manager users.
Inputs:
Accepts a WSUser representing a resource account
as returned by ResourceAdapter#getUser(WSUser)
You must specify the following for a custom Correlation rule:
|
AuthType
|
Not specified
|
|
SubType
|
SUBTYPE_ACCOUNT_CORRELATION_RULE
|
|
Namespace
|
All attribute values for the resource account defined in the schema
are provided in the following format:
account. LHS Attr Name
|
|
Called
|
During reconciliation
|
|
Returns
|
Criteria you can use to select existing users that might own the specified
account. A correlation rule can return criteria in any of the following forms:
-
A string that is interpreted as a WSUser NAME
-
A list of string elements that are each interpreted as a WSUser NAME
-
A list of com.waveset.object.WSAttribute elements
-
A list of com.waveset.object.AttributeCondition elements
Identity Manager uses any set of criteria returned by a correlation
rule to query the repository for matching users.
|
|
Predefined Rules
|
Default Correlation
|
Confirmation Rule
Identity Manager invokes the Confirmation rule during reconciliation
to compare a resource account with one or more Identity Manager users.
Inputs:
Accepts the following arguments:
You must specify the following for a custom Confirmation rule:
|
AuthType
|
None
|
|
SubType
|
SUBTYPE_ACCOUNT_CONFIRMATION_RULE
|
|
Namespace
|
All attribute values for the resource account and all attributes in
the User view are provided in the following format:
-
account.LHS Attr Name
-
user.accounts[*].*
-
user.waveset.*
-
user.accountInfo.*
|
|
Called
|
During reconciliation
|
|
Returns
|
Logical true or false (1 or 0)
depending on whether there is a match.
|
|
Predefined Rules
|
Default Confirmation
|
