Identity Manager and Identity Synchronization for Windows Functionality

For Identity Manager and Identity Synchronization for Windows to work effectively, both must be deployed and configured to function as a single system.

Identity Synchronization for Windows functionality includes the following:

• Detection of all the password changes on Active Directory, and synchronization with Directory Server using on-demand synchronization

• Detection of all password changes on Directory Server, and synchronization with Active Directory

Identity Synchronization for Windows does not synchronize these functions:

• User creations

• User deletions

• Non-password attributes

The Identity Manager functionality, coexisting with Identity Synchronization for Windows, includes the following:

• Detection of all password changes on Active Directory using pwsync, and synchronization of the changes to all other Identity Manager-managed resources, except Directory Server resources

• Use of the Identity Manager Administrator Interface to propagate user password changes to Active Directory and all other Identity Manager-managed resources, except Directory Servers

• Use of the Identity Manager Administrator Interface to propagate new users across all Identity Manager-managed resources (including Directory Servers)