<- .:accounts | Accounts ^ .:start | Documentation ^ .:provisioning | Provisioning -> ====== Synchronization ====== Synchronization represents data flow from source systems (e.g. SAP, HR systems...) to IdM. Usually CzechIdM synchronize employees and organizational structure from HR systems. Other objects like groups can be imported e.g. from AD. {{ :devel:documentation:synchronization.png | Synchronization from multiple systems}} ===== Supported entities ===== In CzechIdM you can synchronize following types of entities: * **[[.:Ídentities|Identities (users)]]** - we fully support identity synchronization with their **Contracts** * **[[.:Roles|Roles]]** - automatic synchronization of roles is a must have if the role set vary in time - e.g. AD/LDAP groups * **[[.:tree_structures|TreeNodes (organizational structure)]]** - we support tree structure synchronization to be able to represent organizational divisions and place users to their working positions. * **Role catalogues** - Structures in which roles are located to make navigation easier for users. Synchronization is fully audited and supports multiple synchronization for every entity and system. Synchronization can be started on demand or as planned [[.:scheduled_task|scheduled task]]. ===== Reconciliation ===== Synchronization is used for acquiring data from the connected system to CzechIdM. There are two modes of synchronization: * **Reconciliation** - Synchronization of all available objects of the specified type. * **Synchronization** - If the token is specified, e.g. timestamp, only objects that has changed since the last synchronization are synchronized. The **Reconciliation** mode is useful in the case that you connect an existing system, where you want to start managing accounts by CzechIdM, e.g. LDAP. As an initial action, you will need to link existing system accounts to their corresponding identities in CzechIdM. The reconciliation is the right tool for this initial linking of accounts. ====== Read more ====== ===== Admin tutorials ===== * [[tutorial:adm:manage_ldap| LDAP - how to connect and sync]] * [[tutorial:adm:connect_a_db_system| Database - how to connect and sync]] * [[tutorial:adm:systems| Generic System - how to connect and sync]] * [[tutorial:adm:how_to_identity_sync | CSV - identities synchronization]] * [[tutorial:adm:how_to_contract_sync | CSV - users contracts synchronization]] * [[tutorial:adm:synchronization | Synchronization - configuration options]] ===== Admin guide ===== |**Name** |**More details** | | Identity |[[devel:documentation:synchronization:dev:synchronization|]] | | Contractual relationship |[[devel:documentation:synchronization:dev:relation-sync|]] | | Time slices of contractual relationship |[[devel:documentation:synchronization:dev:contract-slice-sync|]] | | Tree |[[devel:documentation:synchronization:dev:tree-sync|]] | | Role |[[devel:documentation:synchronization:dev:role-sync|]] | | | ===== Devel tutorials ===== * [[.synchronization:dev:synchronization |Synchronization extras]] * [[.synchronization:dev:tree-sync |TreeNodes synchronization config]] * [[.synchronization:dev:relation-sync |Contracts synchronization extras]] * [[.synchronization:dev:create-new-entity-type-for-sync-and-prov |Create a new entity type for synchronization and/or provisioning]] * [[.synchronization:dev:role-sync |Roles synchronization extras]] (to be deleted)