
Novell Identity Manager

Unify All Your Digital Identities

It's simple: One person, one identity. Novell Identity Manager unifies digital identities across all business systems in the enterprise so that when an identity is created or changed in the authoritative system, the new information is automatically propagated to all appropriate systems. This helps you stay in compliance with your company policies, preventing someone from being both a purchaser and an orderer, for example.

A central datastore called the Identity Vault is used to synchronize, transform, and distribute information across applications, databases, and directories. When data from one system changes, the metadirectory engine included in Identity Manager detects and propagates these changes to other connected systems based on the business rules you define. This solution enables you to enforce authoritative data sources for any particular piece of data (for example, an HR application owns a user's ID, while a messaging system might own a user's e-mail account information).

Novell Identity Manager lets a connected system (such as SAP, PeopleSoft, Lotus Notes, Microsoft Exchange, Active Directory, and others) do the following:

  • Share data with the Identity Vault.
  • Synchronize and transform shared data with the Identity Vault when it is modified in connected systems.
  • Synchronize and transform shared data with connected systems when the data is modified in the Identity Vault.

Novell Identity Manager achieves this integration through a bidirectional framework that allows administrators to specify which data flows from the Identity Vault to the application and from the application to the Identity Vault.

Novell Identity Manager lets you select only the attributes and classes that correspond to relevant connected system-specific records and fields. For example, a directory datastore can choose to share user-type objects with a Human Resources datastore, but not share network resource objects such as servers, printers, and volumes. The Human Resources datastore can in turn share users' given names, surnames, initials, telephone numbers, and work locations, but not share the users' family information and employment history.
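The per-attribute ownership and class/attribute filtering described above can be modeled in a few lines. This is an added illustration, not Novell code or the Identity Manager API; the `FILTERS` table, the `propagate` function, the direction labels, and the attribute names are all hypothetical.

```python
# Hypothetical model of attribute-level sync filtering; not an Identity Manager API.
# For each connected system, (object class, attribute) maps to a direction:
#   "to_vault"   -> the system is authoritative; its changes flow into the vault
#   "from_vault" -> the system only receives the value from the vault
# Anything not listed is not shared with the vault at all.
FILTERS = {
    "hr": {
        ("User", "userID"): "to_vault",
        ("User", "givenName"): "to_vault",
        ("User", "surname"): "to_vault",
        ("User", "mail"): "from_vault",
    },
    "messaging": {
        ("User", "mail"): "to_vault",
        ("User", "userID"): "from_vault",
        ("User", "givenName"): "from_vault",
    },
}

def propagate(vault, systems, source, obj_class, obj_id, changes):
    """Apply changes reported by `source`; return (accepted, rejected) attribute names."""
    accepted, rejected = [], []
    for attr, value in changes.items():
        if FILTERS[source].get((obj_class, attr)) != "to_vault":
            rejected.append(attr)  # source is not authoritative, or attr is unshared
            continue
        vault.setdefault(obj_id, {})[attr] = value
        accepted.append(attr)
        # Push the new value to every other system subscribed to this attribute.
        for name, store in systems.items():
            if name != source and FILTERS[name].get((obj_class, attr)) == "from_vault":
                store.setdefault(obj_id, {})[attr] = value
    return accepted, rejected

def demo():
    vault, systems = {}, {"hr": {}, "messaging": {}}
    # Constructed sample events: HR creates a user and also reports an unshared
    # attribute; messaging then sets mail and tries to change the HR-owned userID.
    r1 = propagate(vault, systems, "hr", "User", "u1",
                   {"userID": "jdoe", "givenName": "Jane", "employmentHistory": "n/a"})
    r2 = propagate(vault, systems, "messaging", "User", "u1",
                   {"mail": "jdoe@example.com", "userID": "overwritten"})
    return vault, systems, r1, r2
```

In `demo()`, the employment history never reaches the vault, and the messaging system's attempt to change `userID` is rejected because only HR is authoritative for it.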

If the Identity Vault doesn't have classes or attributes for data you want to share with other applications, you can extend the Novell eDirectory™ schema to include them.

Recommended Reading

For more information, see http://www.novell.com/documentation/idm/index.html?page=/documentation/idm/install/data/alxnk27.html


© 2008 Novell, Inc. All Rights Reserved.