Message Queue

Identity Synchronization for Windows uses Message Queue (a persistent message queue mechanism with a publish/subscribe model) to propagate attribute and password changes between directory sources and to distribute administrative and configuration information to the connectors managing synchronization for those directory sources.

Message Queue is an enterprise messaging system that implements the Java Message Service (JMS) open standard. The JMS specification describes a set of programming interfaces that provide a common way for Java applications to create, send, receive, and read messages in a distributed environment.

Message Queue consists of message publishers and subscribers that exchange messages using a common message service. This message service is composed of one or more dedicated message brokers, which are responsible for controlling access to the message queue, maintaining information about active publishers and subscribers, and ensuring that messages are delivered.

Message Queue is the best approach because it:

• Establishes a system of trust between connectors

• Simplifies security access controls for all components

• Facilitates end-to-end encryption of passwords

• Ensures that all password update messages are delivered

• Reduces connector-to-connector communication complexity and security risks

• Enables a central authority to distribute configuration information

• Allows for the aggregation of all connector logs in a central location