2.1 Previous Identity Manager Architecture

The previous architecture used a separate eDirectory™ attribute to represent each Policy Set on the driver, the Publisher object, or the Subscriber object that pointed to an individual policy (rule or style sheet) object. The driver object stored the Input Transformation, Output Transformation, and the Schema Mapping policy sets. The Publisher and Subscriber objects stored Event Transformation, Matching, Create, Placement, and Command Transformation Policy Sets.

For more information about policy types, see Section 3.0, Understanding Types of Policies. Figure 2-1 shows all of the policies stored on the Publisher object for an Active Directory* driver.

Figure 2-1 Identity Manager Architecture Prior to Version 3.5

Each attribute contains the DN of the policy or the style sheet the Policy Set is referring to. If there are multiple policies in a Policy Set, then a chain of policies is created. The DirXML-NextRule attribute points to the next policy in the Policy Set that needs to be executed. Figure 2-2 shows a Command Transformation style sheet, including the next Command Transformation style sheet or policy that is executed in the DirXML-NextTransformation attribute.

Figure 2-2 DirXML-NextRule Attribute on a Policy

This allows for a convenient representation of order within a Policy Set, but has the drawback that individual policies cannot be shared without also sharing any subsequent policies in the chain.