Novell Doc: Identity Manager 3.6.1 Driver for Lotus Notes Implementation Guide

1.2 Lotus Notes Driver Concepts

The following sections explain concepts you should understand before implementing the Notes driver:

1.2.1 Default Data Flow

A channel is a combination of rules, policies, and filters that is used to synchronize data between two systems. The Subscriber and Publisher channels describe the direction in which the data flows. The Subscriber and Publisher channels act independently; actions in one channel are not affected by what happens in the other.

Subscriber Channel

The Subscriber channel is the channel of communication from the Identity Vault to Lotus Notes. The channel takes events generated in the Identity Vault and sends them to the Lotus Notes system. The following illustration shows this data flow:

Figure 1-1 Data Flow Through the Subscriber Channel

The driver can be configured to work with Notes databases other than the Public Address Book, names.nsf.

Publisher Channel

The Publisher channel represents the channel of communication from Lotus Notes to the Identity Vault. The channel takes event generated in Lotus Notes and sends them to the Identity Vault. The following illustration shows how this data is published:

Figure 1-2 Data Flow Through the Publisher Channel

1.2.2 Policies

Policies are used to control the synchronization of data between the Identity Vault and Lotus Notes. Policies transform an event on a channel input into a set of commands on the channel output. The Lotus Notes driver includes the following set of preconfigured policies:

Schema Mapping: Mappings have been defined for the Notes address book.
Creation: The default Creation policy logic for the Publisher channel and the Subscriber channel is the same. To create a User object requires a Given name and a Surname. To create a Group object requires Description, Membership, and Owner attributes. You can modify these elements to meet your business policies.
Matching: The default Matching policy logic for the Publisher channel and the Subscriber channel is the same. An Identity Vault User object is considered to be the same object in Notes when Given name and Surname match in both directories. An Identity Vault Group object is considered to be the same object in Notes when the CN is the same in both directories. You should modify these policies to meet your business policies. Matching policies are typically more specific than this generic Given name/Surname match.
Placement: The default Placement policy on the Subscriber channel places all User objects from a specified Identity Vault container in a specified Notes Organizational Unit, and all Group objects from a specified Identity Vault container in a specified Organizational Unit in Notes. The same relationship is typically maintained on the Publisher channel. The container names and OU names for this default Placement policy are collected from the user when importing the default driver configuration. You should modify or add additional Placement policies and policy rules to meet your business needs.

1.2.3 Driver Components

The driver contains the following components:

Default Driver Configuration File: A file you can import to set up default rules, style sheets, and driver parameters. The driver configuration file included with this driver is Notes-IDM3_6_0-V4.xml, with its accompanying .xlf file (for any language other than English).
Driver Files: CommonDriverShim.jar and NotesDriverShim.jar are the Java files that direct synchronization between Lotus Notes and the Identity Vault.
notesdrvjni: This shared library provides Java Native Interface (JNI) access from NotesDriverShim.jar to Lotus Notes native libraries (Notes C APIs).
ndsrep: A Lotus Domino server add-in process to enable data synchronization. It keeps track of the time of the last successful synchronization with a Notes database, and checks the Lotus Domino Server for changes based on that time stamp. It then reads the changes from the Notes database, determines the event types they represent, and filters the updates based on objects and attributes specified in the Publisher filter in the driver configuration in the Identity Vault.
dsrepcfg.ntf: A Notes database template required for the initial startup of the Notes driver shim. The Notes driver shim uses this Notes database template to create a configuration database named dsrepcfg.nsf, which is used by ndsrep to determine the Publisher filter and other driver publication settings.