Novell Doc: Identity Manager 3.5.1 Driver for SIF Implementation Guide - About the Identity Manager Driver for SIF

1.3 About the Identity Manager Driver for SIF

Schools use many applications to organize data for a K-12 education environment, such as systems for student administration, network access, food services, and library automation. These diverse systems often contain duplicate information. If the applications do not communicate with each other to share information, school administrators and information technology personnel must deal with the challenges of manually provisioning students and using redundant data entry to keep the systems synchronized.

For example, when new students enroll at a school, they need network access and a home directory for their files. If the Student Information System (SIS) does not communicate with the Identity Vault, the network administrator must manually create a user account and assign network resources for each new student, one at a time. Without interoperability between the systems, each subsequent change to student data also requires manual intervention to keep the Identity Vault users updated.

To create interoperability between the Student Information System and the Identity Vault, Novell® provides the Identity Manager Driver for Schools Interoperability Framework (SIF).

SIF is an open standard created to allow K-12 education applications to exchange data effectively. The Identity Manager Driver for SIF works as a SIF Agent. The 3.5 release of the driver conforms to SIF Implementation Specifications 1.1 and 1.5r1. For information about the specifications, see the Schools Interoperability Framework Web site.

The driver eliminates the need to manually provision, change, or delete User objects for a school system in the Identity Vault. Instead, the changes in the Identity Vault are made automatically, mirroring the data from the Student Information System. When a student is entered in the Student Information System, he or she is automatically given a User object in the Identity Vault, in the correct container, with network resources. If the student’s status changes, such as a grade-level change or a move to a different school, the change is reflected in the Identity Vault and the User object is moved to a different container, if appropriate. If a student leaves the school system, the user object’s login is disabled. The same kind of synchronization is done for staff and faculty users.

In a school network that uses the SIF standards, the Student Information System publishes information to the Zone Integration Server (ZIS).

The driver, like other SIF Agents, registers with the ZIS so it can receive information. The driver receives the StudentPersonal, StudentSchoolEnrollment, and SchoolInfo objects for students, and the StaffPersonal object for faculty and staff. The driver uses that information to create User objects for students and staff, give them appropriate attributes, and automatically place them in the correct container in the Identity Vault. This flow of information and the list of the attributes that are populated in the Identity Vault are shown in the following diagram.

Figure 1-1 The Role of the Identity Manager Driver for SIF

In the driver configuration provided, the Identity Vault receives information from the Student Information System. You can customize the configuration to change how students and staff are provisioned, and cause the Identity Vault to send information to the ZIS.