Default Driver Configuration

Identity Manager fundamentals are explained in the Nsure Identity Manager 2 Administration Guide. This section discusses implementations, additions, or exceptions specific to the NT Domain driver.


Data Flow


Publisher and Subscriber Channels

The driver supports Publisher and Subscriber channels:


Policies

Policies are used to control data synchronization between NT Domain and eDirectory. The NT Domain sample driver configuration provides a set of policies, some of which are described in the table below. These policies can be customized through Novell iManager as explained in Customizing the NT Domain Driver.

Policy Description

Schema Map

Configured on the driver object.

Maps the following eDirectory User class and properties to NT Domain Username class and attributes:

CN, name
Description, Comment
Full Name, FullName
Login Disabled, Disable
Password Allow Change, PasswordChange
Password Required, PasswordRequired
Login Allowed Time Map, LogonHours
Login Expiration Time, AcctExpires

Create

Configured on the Publisher channel.

Requires that the Surname attribute must be specified in order for a User object to be created.

NT does not use this attribute, but eDirectory requires it. To satisfy the eDirectory requirement, the Create policy sets a default Surname for all users, Unknown, or you can specify your own when importing the driver configuration.

Matching

Configured on the Publisher and Subscriber channels.

Specifies that a user in eDirectory is the same user as a user in NT when the value of CN is the same in both places.

NOTE:  Because the NT Domain APIs allow queries of only the user name attribute, this policy should not be changed.

Placement

Configured on the Publisher and Subscriber channels.

Specifies that new users are named by the value of the leafmost part of the source distinguished name and be placed in the containers you defined during driver setup. You should create these containers before you start the driver.