Skip Navigation Links | |
Exit Print View | |
Oracle Identity Synchronization for Windows 6.0 Deployment Planning Guide |
2. Case Study: Deploying in a Multimaster Replication Environment
3. Case Study: Deploying in a High-Availability Environment Over a Wide Area Network Using SSL
A. Pluggable Authentication Modules
B. Identity Manager and Identity Synchronization for Windows Cohabitation
Identity Manager and Identity Synchronization for Windows Functionality
Password Changes on Active Directory
Password Changes on Directory Server
Password Changes and Provisions Originating from Identity Manager Console
Configuring Identity Manager and Identity Synchronization for Windows
Setting Up Identity Manager 5.0 SP2 and Later
Configuring pwsync to Not Propagate Passwords to Directory Server
Setting Up Identity Manager 5.0 SP1 and Earlier
Configuring Identity Synchronization for Windows
Overview illustrates the following three important components of the Identity Manager and Identity Synchronization for Windows cohabitation deployment:
Active Directory Domains
Separate Directory Server deployment
Any other Identity Manager-managed resource, which does not include the previous two, for example, Oracle RDBMS
The Identity Manager Console handles resource administration such as system-wide password changes and users creation. All password changes between Directory Servers and Active Directory Domains are synchronized using Identity Synchronization for Windows. Password changes that occur within an Active Directory Domain are synchronized to Directory Server using Identity Synchronization for Windows, and synchronized to all other Identity Manager resources using pwsync (an Identity Manager DLL installed on the Primary Domain Controllers of Windows systems). All password changes originating from the Identity Manager Administrator Console are subsequently propagated to all Identity Manager resources, except the Sun Java System Directory Server. All user creations originating from the Identity Manager Console are reflected to all resources, including Directory Servers. For details, seeConfiguring pwsync to Not Propagate Passwords to Directory Server
Figure B-1 Password Synchronization and User Creation in an Identity Manager-Identity Synchronization for Windows Environment