5.6 Migrating or Copying Objects

Although iManager doesn’t have a Copy function, you can use the Migrate from eDirectory option to copy objects from one eDirectory tree to another. The scope of the copying depends on the policies of the driver. For example, depending on policies that apply to the driver, you can copy (sync) all the attributes from one eDirectory tree to another. Such a “copy” requires that you synchronize all the attributes across the trees, put objects in the same location during a migration, and not change any data during the migration.

A time stamp is always associated with a resync operation. A resync operation looks for objects that are already associated (have already been synchronized) but have been changed since the time stamp. It also attempts to look for objects that might have been created since the time stamp. Clicking Resync might cause new users to be synchronized.

Instead of using the Resync option to copy objects, you can use the Migrate from eDirectory option. This option enables you to specify and synchronize a list of objects. For each object in the list, iManager writes data to the directory. Identity Manager notes the changes and starts the synchronization process for listed objects.

  1. Make sure that Identity Manager 3.5.1 is installed on a server in the source eDirectory tree and on a server in the destination eDirectory tree.

  2. Configure an Identity Manager Driver for eDirectory on the server in the source tree.

    In the eDirectory driver’s Authentication pane, provide the name or IP address and port of the destination server. See Section 5.2, Configuring Driver Object Properties.

    Select a migration option: Flat, Mirrored, or Department. To preserve the directory structure (including subcontainers and names) when data is migrated from the source tree to the destination tree, select Mirrored.

  3. Configure an Identity Manager Driver for eDirectory on the server in the destination tree.

    In the Authentication pane, provide the name or IP address and port of the source server.

  4. Set up SSL between the two trees.

    Using the NDS2NDS Wizard, create KMO certificates in both trees. See Section 5.1.2, Setting Up a KMO.

    To launch the NDS2NDS Wizard, in iManager select Identity Manager Utilities > NDS-to-NDS Driver Certificates.

  5. In iManager, select Identity Manager, click Identity Manager Overview.

  6. Search for and select a driver set, then click the driver.

  7. Select Migrate, then click a migration option.

    The Migrate from eDirectory option

    With eDirectory-to-eDirectory migrations, migrate from the source tree to the destination tree.

    The Migrate into Identity Vault option doesn’t work with the Identity Manager Driver for eDirectory.

  8. Select objects.

    For example, select a User object or a Container object. You can search for or browse to the objects. Also, you can add multiple objects.

  9. Click OK twice.

    The client (for example, iManager) writes a value to each object in the list. This change event causes Identity Manager to push the data into your destination tree.