The Identity Manager Driver for RSA synchronizes data between an Identity Vault and RSA Authentication Manager. The driver can run anywhere that a Metadirectory server or Identity Manager Remote Loader is running if you are connecting to RSA Authentication Manager 7.1. If you are connecting to RSA Authentication Manager 6.1, the driver can only run on a Metadirectory server or Identity Manager Remote Loader installed on a Microsoft Windows server running RSA Authentication Manager 6.1.
The driver uses RSA APIs to bidirectionally synchronize changes between an Identity Vault and the connected RSA Authentication Manager.
Channels, filters and policies control data flow.
The RSA driver supports Publisher and Subscriber channels:
The Publisher channel reads information from RSA Authentication Manager and submits that information to an Identity Vault via the Metadirectory engine.
By default, the Publisher channel checks for new RSA events every 3 minutes, processing up to 1000 entries at a time, starting with the first unprocessed entry.
The Subscriber channel watches for additions and modifications to Identity Vault objects and issues RSA commands that make changes to RSA Authentication Manager.
Identity Manager uses filters to control which objects and attributes are shared. The default filter configurations for the RSA driver allow objects and attributes to be shared, as illustrated in the following figure:
Figure 1-1 RSA Driver Filters
Policies are used to control data synchronization between the driver and an Identity Vault.
The following table provides information on default policies. These policies and the individual rules they contain can be customized as explained in Section 6.0, Synchronizing Data.
Table 1-1 Default Policies