Identity Synchronization for Windows includes the following new features and enhancements:
Group synchronization with Active Directory. Identity synchronization between Directory Server and Active Directory is simplified because you can map a group on Directory Server to Microsoft Active Directory domain global distribution groups and domain global security groups.
Failover support for multiple master replicas. For more information about failover support, see Appendix E, Identity Synchronization for Windows Installation Notes for Replicated Environments, in Sun Java System Directory Server Enterprise Edition 6.3 Installation Guide.
Account lockout synchronization with Active Directory. Identity Synchronization for Windows synchronizes account lockout information between Directory Server and Active Directory, improving security coherency between the two directories.
No need for a local Directory Server. A Directory Server instance does not need to be installed on the system that is running Identity Synchronization for Windows. When the installer does not find a local Administration Server, the installer adds the Administration Server at the specified server root location, so you do not have to install the Directory Server software.
Integrated Directory Server Plug-in. The Identity Synchronization for Windows plug-in for Directory Server is now installed with Directory Server rather than Identity Synchronization for Windows. The installer provides an option to configure the plug-in while installing the Directory Server Connector. The same option is available through the command line interface.
Support for Red Hat Linux. Identity Synchronization for Windows now supports Red Hat Linux.