The effective functionality of Identity Manager and Identity Synchronization for Windows results only when both the systems deployed and configured to function as a single system.
The Identity Synchronization for Windows functionality comprises:
Detection of all the password changes on Active Directory, and synchronization with Directory Server using On Demand Synchronization.
Detection of all password changes on Directory Server, and synchronization with Active Directory.
Identity Synchronization for Windows does not synchronize:
User creations
User deletions
Non-password attributes
The Identity Manager functionality, in cohabitation with Identity Synchronization for Windows, comprises:
Detection of all password changes on Active Directory using the pwsync component and synchronization of the changes to all other Identity Manager-managed resources, except Directory Server resources.
Use of Identity Manager Administrator Console to propagate user password changes to Active Directory and all other Identity Manager-managed resources, except Directory Server.
Use of Identity Manager Administrator Console to propagate new users across all Identity Manager-managed resources (including Directory Server).