The Identity Manager Driver for LDAP synchronizes data between an Identity Vault and LDAP-compliant directories. This driver runs on all platforms where an Identity Vault runs, including Windows*, NetWare®, Linux*, Solaris*, and AIX*. The driver can run anywhere that a Metadirectory server or Identity Manager Remote Loader is running.
The driver uses the Lightweight Directory Access Protocol to bidirectionally synchronize changes between an Identity Vault and the connected LDAP-compliant directory.
Because of this flexible model for communicating, the driver can synchronize with LDAP-compliant directories running on platforms (for example, HP-UX*, OS/400, and OS/390) that are not supported by an Identity Vault.
The driver can use either of two publication methods to recognize data changes and communicate them to an Identity Vault through Identity Manager.
The changelog method
This method is preferred when a change log is available. Change logs are found on the following:
Sun Java System Directory/Sun ONE Directory
Netscape* Directory Server
iPlanet* Directory Server
IBM* SecureWay Directory/IBM Tivoli Directory
Critical Path* InJoin* Directory
Oracle* Internet Directory
See Section 4.1.3, LDAP Publisher Settings: Changelog and LDAP-Search Methods and Section 4.1.4, LDAP Publisher Settings: Only the Changelog Method.
The LDAP-search method
Some servers don't use the changelog mechanism. The LDAP-search method enables the LDAP driver to publish data about the LDAP server to an Identity Vault.
Additional software and changes to the LDAP-compliant directory are not required. LDAP servers that can be synchronized by using the LDAP-search method include the following:
OpenLDAP
See Section 4.1.5, LDAP Publisher Settings: Only the LDAP-Search Method.
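The difference between the two publication methods, shown as an added example that is not part of this documentation or the driver's own code. It assumes changelog entries carry the changeNumber, targetDN, and changeType attributes from the LDAP changelog Internet-Draft, and it models the LDAP-search method as a comparison of two search snapshots; the function names and all sample entries are constructed for illustration.

```python
# Constructed sample data; function names are hypothetical.
ANN = "uid=ann,ou=people,dc=example,dc=com"
BOB = "uid=bob,ou=people,dc=example,dc=com"
CAT = "uid=cat,ou=people,dc=example,dc=com"

# Changelog entries as a changelog-capable server might expose them
# (attribute names assumed from the LDAP changelog Internet-Draft).
CHANGELOG = [
    {"changeNumber": 101, "targetDN": ANN, "changeType": "add"},
    {"changeNumber": 102, "targetDN": BOB, "changeType": "modify"},
    {"changeNumber": 103, "targetDN": ANN, "changeType": "delete"},
    {"changeNumber": 104, "targetDN": CAT, "changeType": "add"},
]

# Search results before change 101 and after change 104.
BEFORE = {BOB: {"mail": ["bob@example.com"]}}
AFTER = {BOB: {"mail": ["robert@example.com"]},
         CAT: {"mail": ["cat@example.com"]}}


def publish_from_changelog(entries, last_seen):
    """Return (events, new_last_seen) for entries newer than last_seen."""
    new = sorted((e for e in entries if e["changeNumber"] > last_seen),
                 key=lambda e: e["changeNumber"])
    events = [(e["changeType"], e["targetDN"]) for e in new]
    return events, (new[-1]["changeNumber"] if new else last_seen)


def publish_from_search(previous, current):
    """Diff two snapshots ({dn: attrs}); only net changes are visible."""
    events = [("add", dn) for dn in sorted(current.keys() - previous.keys())]
    events += [("delete", dn) for dn in sorted(previous.keys() - current.keys())]
    events += [("modify", dn) for dn in sorted(current.keys() & previous.keys())
               if current[dn] != previous[dn]]
    return events


if __name__ == "__main__":
    # The changelog yields every change in order, including the short-lived
    # entry that was added and then deleted between the two searches.
    print(publish_from_changelog(CHANGELOG, last_seen=100))
    # The snapshot diff reports only the net result of the same activity.
    print(publish_from_search(BEFORE, AFTER))
```

An account that is created and removed between two searches never appears in the snapshot diff, which matters when the synchronized data feeds an audit trail.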
For information on what’s new in Identity Manager, see What's New in Identity Manager? in the Identity Manager 3.0.1 Installation Guide.