This section illustrates a single-host installation procedure for Identity Synchronization for Windows.
Some components must be installed in a particular order, so be sure to read all installation instructions carefully.
Identity Synchronization for Windows provides a “To Do” list, which is displayed throughout the installation and configuration process. This information panel lists all of the steps you must follow to successfully install and configure the product.
As you go through the installation and configuration process, the program greys-out all completed steps in the list (as you can see in Installation Overview).
The rest of this section provides an overview of the installation and configuration process, and is organized as follows:
When you install Core, you will be installing the following components:
Sun Java System Administration Server: Configures the Directory Server Plug-in and provides the administration framework.
Console: Provides a centralized location for performing all of the product’s component configuration and administration tasks
Central logger: Centralizes all audit and error logging information in a central location
System manager: Delivers configuration updates to connectors dynamically and maintains the status of each connector
Instructions for installing Core are provided in Chapter 5, Installing Core
After installing Core, you use the Console to initially configure the directory sources to be synchronized (and other characteristics of the deployment) all from a centralized location.
Instructions for configuring directory resources are provided in Chapter 6, Configuring Core Resources
Directory Server Connectors support the Sun Java System Directory Server 6.0.
Before you can install Directory Server Connectors, you must prepare a Sun Java System Directory Server source for every configured Directory Server master (both preferred and secondary masters) being synchronized.
You can perform this task from the Console or from the command line using the idsync prepds subcommand.
Instructions for preparing Directory Server are provided in Preparing Sun Directory Source.
You can install any number of connectors depending on the number of configured directories available in your system. Both the Console and the installation program use the directory label to associate a connector with the directory that is synchronized.
Table 4–1 Label Naming ConventionsTable 4–2 Label Naming Examples
Connector Name |
Directory Source |
CNN100 |
SunDS1 on ou=isw_data1 |
CNN101 |
AD1 |
CNN102 |
SunDS1 on ou-isw_data2 |
CNN103 |
SunDS2 |
Instructions for installing and configuring Connectors are provided in Chapter 5, Installing Core
After installing the connectors, plug-ins, and subcomponents you must run the idsync resync command line utility to bootstrap deployments with existing users. This command uses administrator-specified matching rules to
Link existing entries (For more information about linking users , see Linking Users
Populate an empty directory with the contents of a remote directory
Bulk-synchronize attribute values (including passwords) between two existing user populations where entries in both the Windows and Directory Server directories are uniquely identified and linked to each other.
For more information about synchronizing existing users, see Chapter 8, Synchronizing Existing Users and User Groups.