For Identity Manager and Identity Synchronization for Windows to work effectively, both must be deployed and configured to function as a single system.
Identity Synchronization for Windows functionality includes the following:
Detection of all the password changes on Active Directory, and synchronization with Directory Server using on-demand synchronization
Detection of all password changes on Directory Server, and synchronization with Active Directory
Identity Synchronization for Windows does not synchronize these functions:
User creations
User deletions
Non-password attributes
The Identity Manager functionality, coexisting with Identity Synchronization for Windows, includes the following:
Detection of all password changes on Active Directory using pwsync, and synchronization of the changes to all other Identity Manager-managed resources, except Directory Server resources
Use of the Identity Manager Administrator Interface to propagate user password changes to Active Directory and all other Identity Manager-managed resources, except Directory Servers
Use of the Identity Manager Administrator Interface to propagate new users across all Identity Manager-managed resources (including Directory Servers)