JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
Oracle Identity Synchronization for Windows 6.0 Installation and Configuration Guide
search filter icon
search icon

Document Information


Part I Installing Identity Synchronization for Windows

1.  Understanding the Product

Product Features

System Components

Watchdog Process


Configuration Directory


Command-Line Utilities

System Manager

Central Logger


Connector Subcomponents

Directory Server Plug-In

Windows NT Connector Subcomponents

Message Queue

System Components Distribution


Directory Server Connector and Plug-in

Active Directory Connector

Windows NT Connector and Subcomponents

How Identity Synchronization for Windows Detects Changes in Directory Sources

How Directory Server Connectors Detect Changes

How Active Directory Connectors Detect Changes

How Windows NT Connectors Detect Changes

Propagating Password Updates

Using the Password Filter DLL to Obtain Clear-Text Passwords

Using On-Demand Password Synchronization to Obtain Clear-Text Passwords

Reliable Synchronization

Deployment Example: A Two-Machine Configuration

Physical Deployment

Component Distribution

2.  Preparing for Installation

3.  Installing Core

4.  Configuring Core Resources

5.  Installing Connectors

6.  Synchronizing Existing Users and User Groups

7.  Removing the Software

8.  Configuring Security

9.  Understanding Audit and Error Files

Part II Identity Synchronization for Windows Appendixes

A.  Using the Identity Synchronization for Windows Command Line Utilities

B.  Identity Synchronization for Windows LinkUsers XML Document Sample

C.  Running Identity Synchronization for Windows Services as Non-Root on Solaris

D.  Defining and Configuring Synchronization User Lists for Identity Synchronization for Windows

E.  Identity Synchronization for Windows Installation Notes for Replicated Environments


Deployment Example: A Two-Machine Configuration

This section describes a deployment scenario in which Identity Synchronization for Windows is used to synchronize user object creation and bidirectional password modification operations between Directory Server and Active Directory sources.

The deployment scenario consists of two machines:

Note - Even though Windows NT is not used in this scenario, Identity Synchronization for Windows also supports synchronization with NT domains.

The following figure illustrates the synchronization requirements (node structures with associated attribute values) used for this deployment scenario.

image:Synchronization requirements showing node structures and attribute values.

The two goals for this scenario are as follows:

Note - Identity Synchronization for Windows supports multiple synchronization sources of the same type. For example, you can have more than one Directory Server in a deployment or multiple Active Directory domains.

Creation, modification, and deletion synchronization settings are global for the entire set of directories, and cannot be specified for individual directory sources. If you synchronize user object creations from Directory Server to Active Directory, user object creations will propagate from all Directory Servers to all Active Directory domains and Windows NT domains configured in the installation.

Physical Deployment

The following figure illustrates how all the product’s components are physically deployed on a single Solaris system, while the Active Directory domain resides in a separate Active Directory domain controller where no components have been installed.

Figure 1-7 Directory Server and Active Directory Scenario

image:Directory Server and Active Directory physical deployment.

Component Distribution is a machine where Directory Server is installed on a Solaris operating system. The root suffix for the Directory Server instance being synchronized is dc=corp,dc=example,dc=com.

This topology contains the following: