Action Types (Sun Java System Identity Synchronization for Windows 6.0 Deployment Planning Guide)

Sun Java System Identity Synchronization for Windows 6.0 Deployment Planning Guide

Previous: Appendix B Configuring Identity Manager and Identity Synchronization for Windows to Coexist
Next: Connector Layers: Accessor, Controller, and Agent

Action Types

When an Identity Synchronization for Windows Connector detects a change to a user entry, it uses an action to represent this change as it travels through Identity Synchronization for Windows. Each action includes a type such as CREATE, MODIFY, or DELETE, and enough attributes from the user entry to allow the destination connector to synchronize the change. The type of an action appears in log entries and can be one of the following:

MODIFY — Indicates that an existing user entry was modified.
CREATE — Indicates that a new user entry was created.
DELETE — Indicates that a user entry was deleted.
LINK — When Identity Synchronization for Windows synchronizes a new Directory Server user to Windows, the Windows Connector sends a Link Action to the Directory Server Connector after the entry is created. This Link Action contains the user's Windows GUID, which is written to the user's Directory Server entry. Link Actions are only sent from a Windows Connector to the Directory Server Connector.
UNKNOWN — When a Windows Connector detects a change to a user, the corresponding action is assigned the Unknown type until the connector determines the type of action by comparing it with the object cache.
REFRESH — Indicates resynchronization operations resulting from running the idsync resync command. Actions of this type hold the current value of all user attributes and do not correspond to a detected change in a user entry.
SENTINEL — Signals that all source actions are sent during the idsync resync operation. During idsync resync operation, the source connector sends one Sentinel action for each Synchronization User List (SUL) that is processed, to signal that all users in that SUL are sent. This is the only action type that does not correspond to a user entry.

Attributes from the user entry are also included when the action is logged. These attributes are divided into two types: data attributes and other attributes. Data attributes correspond to attributes that are always synchronized, for example, userpassword. The other attributes (sometimes referred to as meta attributes) are required, for example, objectguid or pwdlastset.