Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision Both sides next revision
devel:documentation:adm:systems [2019/02/26 08:29]
kotisovam [Password for confidential storage] parts moved (edited) from "Connector configuration and attribute mapping" 		devel:documentation:adm:systems [2019/02/26 11:41]
kotisovam [Synchronization/Provisioning strategies] intro part on synchronization moved from devel "Synchronization"
Line 49: Line 49:
                      
  
-====== Synchronization/Provisioning strategies ======+===== Synchronization ===== 
 + 
 +====== Synchronization ====== 
 +{{tag> sync identity}} 
 + 
 +The basic task of synchronization is to ensure the correct state of the data on the end system (typically, users accounts) and in IdM. The correct state is defined both by the data in IdM (account management) and by the IdM configuration itself. This is usually taken care of by setting provisioning and synchronization on a given system. 
 + 
 + 
 +===== Entities that support sync ===== 
 + 
 +|**Name**                                                |**Entity name (DTO)**                         |**More details** 
 +| Identity                  | IdmIdentityDto            |[[..:..:synchronization|]]                            | 
 +| Contractual relationship                  | IdmIdentityContractDto            |[[..:..:synchronization:dev:relation-sync|]]                          | 
 +| Time slices of contractual relationship                  | IdmContractSliceDto            |[[..:..:synchronization:dev:contract-slice-sync|]]                          | 
 +| Tree                  | IdmTreeNodeDto            |[[..:..:synchronization:dev:tree-sync|]]                         | 
 +| Role                  | IdmRoleDto            |[[..:..:synchronization:dev:role-sync|]]                          | 
 +| Role catalogue                  | IdmRoleCatalogueDto            |                          | 
 +| | 
 + 
 +==== A typical synchronization process runs as follows:==== 
 + 
 +  - **Finding changed accounts** on the end system. 
 +  - **Iteration of changed accounts** and evaluation of the situation for each account (accounts in IdM). 
 +  - **Action performance** for the situation found (e.g. creation of an identity in IdM). 
 +  - **Running subsequent operations** (e.g. provisioning of updating an account on the end system). 
 + 
 +====During synchronization, identities can be evaluated for different situations they find themselves in, namely:==== 
 +- (non)-existent links\\ 
 +- (non)-existent entities\\ 
 +- (non)-existent accounts\\ 
 + 
 +More on this topic later. 
 + 
 + 
 +====== Synchronization/provisioning strategies ======
  
 An attribute mapping strategy defines how attributes, and particularly their values, will be handled during provisioning and synchronization. An attribute mapping strategy defines how attributes, and particularly their values, will be handled during provisioning and synchronization.
  • by tomiskar