32
Identity Manager 3.6.1 Installation Guide
no
vd
ocx
(e
n)
17
Sep
te
m
be
r 20
09
To prevent separate instances of a driver from trying to synchronize the same users, you
need to use scope filtering to define which users each instance of the driver should
synchronize. Scope filtering means that you add rules to each driver to limit the scope of
the driver’s management to specific containers. See
“Using Scope Filtering to Manage
Users on Different Servers” on page 32
.
Use multiple instances of the driver on multiple servers, without scope filtering.
If
you want to have multiple instances of a driver running on different servers without using
filtered replicas, you need to define policies on the different driver instances that enable
the driver to process different sets of objects within the same Identity Vault.
The Template objects you want the driver to use when creating users, if you choose to use
templates.
Identity Manager drivers do not require you to specify eDirectory Template objects for creating
users. However, if you specify that a driver should use a template when creating users in
eDirectory, the Template object must be replicated on the server where the driver is running.
Any containers you want the Identity Manager driver to use for managing users.
For example, if you have created a container named Inactive Users to hold user accounts that
have been disabled, you must have a master or read/write replica (preferably a master replica)
of that container on the server where the driver is running.
Any other objects that the driver needs to refer to (for example, work order objects for the
Avaya* PBX driver).
If the other objects are only to be read by the driver, not changed, the replica for those objects
on the server can be a read-only replica.
3.3.3 Using Scope Filtering to Manage Users on Different
Servers
Scope filtering means adding rules to each driver to limit the scope of the driver’s actions to specific
containers. The following are two situations in which you would need to use scope filtering:
You want the driver to synchronize only users that are in a particular container.
By default, an Identity Manager driver synchronizes objects in all the containers that are
replicated on the server where it is running. To narrow that scope, you must create scope
filtering rules.
You want an Identity Manager driver to synchronize all users, but you don’t want all users to
be replicated on the same server.
To synchronize all users without having them replicated on one single server, you need to
determine which set of servers holds all the users, and then create an instance of the Identity
Manager driver on each of those servers. To prevent two instances of the driver from trying to
synchronize the same users, you need to use scope filtering to define which users each instance
of the driver should synchronize.
NOTE:
You should use scope filtering even if your server’s replicas don’t currently overlap.
In the future, replicas could be added to your servers and an overlap could be created
unintentionally. If you have scope filtering in place, your Identity Manager drivers do not try to
synchronize the same users, even if replicas are added to your servers in the future.
Here’s an example of how scope filtering is used:
Содержание IDENTITY MANAGER 3.6.1
Страница 4: ...4 Identity Manager 3 6 1 Installation Guide novdocx en 17 September 2009 ...
Страница 12: ...12 Identity Manager 3 6 1 Installation Guide novdocx en 17 September 2009 ...
Страница 14: ...14 Identity Manager 3 6 1 Installation Guide novdocx en 17 September 2009 ...
Страница 26: ...26 Identity Manager 3 6 1 Installation Guide novdocx en 17 September 2009 ...
Страница 38: ...38 Identity Manager 3 6 1 Installation Guide novdocx en 17 September 2009 ...
Страница 54: ...54 Identity Manager 3 6 1 Installation Guide novdocx en 17 September 2009 ...
Страница 68: ...68 Identity Manager 3 6 1 Installation Guide novdocx en 17 September 2009 ...
Страница 70: ...70 Identity Manager 3 6 1 Installation Guide novdocx en 17 September 2009 ...
Страница 72: ...72 Identity Manager 3 6 1 Installation Guide novdocx en 17 September 2009 ...
Страница 74: ...74 Identity Manager 3 6 1 Installation Guide novdocx en 17 September 2009 ...
Страница 94: ...94 Identity Manager 3 6 1 Installation Guide novdocx en 17 September 2009 ...
Страница 96: ...96 Identity Manager 3 6 1 Installation Guide novdocx en 17 September 2009 ...
Страница 98: ...98 Identity Manager 3 6 1 Installation Guide novdocx en 17 September 2009 ...
Страница 100: ...100 Identity Manager 3 6 1 Installation Guide novdocx en 17 September 2009 ...
Страница 102: ...102 Identity Manager 3 6 1 Installation Guide novdocx en 17 September 2009 ...
Страница 104: ...104 Identity Manager 3 6 1 Installation Guide novdocx en 17 September 2009 ...