20.5 Deploying a Channel to an Identity Vault

A channel is a grouping of rules and policies, and Designer allows you to deploy a channel object into a driver if necessary. The Subscriber and Publisher channels describe the direction in which the information flows. The Subscriber channel takes the event from Identity Vault (eDirectory) and sends that event to the connected system (application, database, CSV file, etc). The Publisher channel takes the event from the application, database, CSV file, etc., and sends that event to the Identity Vault. The Subscriber and Publisher channels act independently; actions in one are not affected by what happens in the other.

Channel objects must be a part of a newly created driver, or they must be a part of an existing driver that now needs to be modified. Driver objects are created through the Designer or iManager utilities. Because channel objects are a part of a driver object, you deploy a channel object into an existing driver object. If you simply deploy the channel object, Designer creates a skeleton driver as a placeholder for the channel object.

To deploy an Identity Manager channel (a Subscriber channel or a Publisher channel) object and all contained policies into a driver in an Identity Vault:

  1. In the Outline tab, select the channel object under the driver object. The driver object is represented by a circle icon; the Publisher icon shows a black dot on the icon Setting security equivalences and excluding administrative roles and the Subscriber icon shows a white dot Setting security equivalences and excluding administrative roles.

  2. Right-click the channel object you want to deploy, then click Live > Deploy.

    Deploying a Channel object

    An error displays if Designer can’t authenticate to the eDirectory tree specified in the Identity Vault, or if you do not have the Deployment DN designated in the Properties tab of the Identity Vault you are deploying to.

    The Deployment Summary window shows you the differences between the objects you are deploying and those that already reside in an eDirectory tree. It is the same window format as the Compare feature. For more information on how to use the Compare window, see Section 20.7, Using the Compare Feature When Deploying.

    An error displays if Designer can’t authenticate to the eDirectory tree specified in the Identity Vault, or if you do not have the Deployment DN designated in the Properties tab of the Identity Vault to which you are deploying.

  3. In the Deployment Summary window, click Deploy.

  4. After the channel deploys, click OK to close the Deployment Results window.