When you first run the i5/OS driver, you might have identities in the Identity Vault that you want to provision to the connected system, or vice versa. Identity Manager provides a built-in migration feature to help you accomplish this.
In iManager, open the Identity Manager Driver Overview for the driver.
Click
. An empty list of objects to migrate is displayed.Click
. A browse and search dialog box that allows you to select objects is displayed.Select the objects you want to migrate, then click
.To view the results of the migration, click Section A.1.5, The Status Log.
. For details about the log, seeIf a user has a Distribution Password, the Distribution Password is migrated to the connected system as the user’s password. Otherwise, no password is migrated. For information about Universal Passwords and Distribution Passwords, see the Password Management Administration Guide.
In iManager, open the Identity Manager Driver Overview for the driver.
Click
to display the Migrate Data into the Identity Vault window.Specify your search criteria:
To view the list of eDirectory™ classes and attributes, click
.Select class User or class Group.
IMPORTANT:Identity Manager imports objects by class in the order specified in the list. Migrate users before you migrate groups so that the users can be added to the newly created groups.
Select the attributes to be used as search criteria for objects of the selected class, then click
.The eDirectory attributes map to i5/OS attributes as specified by the driver schema: CN maps to USRPRF, etc. For the default mappings, see Table 1-2, Default eDirectory User to i5/OS UserProfile Mapping and Table 1-3, Default eDirectory Group to i5/OS GroupProfile Mapping.
To see i5/OS attributes, click
above the attribute list.Specify values for the selected attributes, then click
.The values can include basic regular expressions.
Click
.To view the results of the migration, click Section A.1.5, The Status Log.
. For details about the log, seeBecause local passwords cannot be retrieved from the i5/OS security system, they cannot be submitted to the Metadirectory engine until they are changed. The Validate Password exit program captures password changes.
To generate events for associated objects that have changed since the driver’s last processing, open the Identity Manager Driver Overview page for the driver in iManager, then click
.