The default Notes driver configuration contains a class within its filter called “Unknown” (containing an “Object Class” attribute) that is configured to flow on the publisher channel from Lotus Notes to the Identity Vault. What is the “Unknown” class, and why is it configured within the filter for synchronization from Lotus Notes to the Identity Vault?


The “Unknown” class in the publisher filter facilitates the synchronization object deletion operations from Lotus Notes to the Identity Vault. When objects (documents) are deleted from a Lotus Notes database, a deletion stub document remains in the Notes database. The ndsrep polling process can detect this stub, but it does not know the original contents of the deleted document, such as the class type (Type or Form field), or last modifier ($UpdatedBy field).

The deleted object’s Universal ID (UNID) (used for the IDM association value) remains on the deletion stub. When the ndsrep polling process detects a document deletion stub, it generates a delete event of class type “Unknown” with the association value set to the UNID of the stub document. If the “Unknown” class exists in the publisher filter, then this delete event is written to the driver’s publisher cache (ndsrep.nsf) to be consumed by the NotesDriverShim’s publisher thread and sent to the Identity Vault. Upon the eventual arrival at the Identity Vault, if the association value of the delete event can be appropriately matched to an existing object in the Identity Vault, then the object will be deleted from the Identity Vault.

0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this post.
Categories: Uncategorized

Disclaimer: As with everything else at NetIQ Cool Solutions, this content is definitely not supported by NetIQ, so Customer Support will not be able to help you if it has any adverse effect on your environment.  It just worked for at least one person, and perhaps it will be useful for you too.  Be sure to test in a non-production environment.

Leave a Reply

No Comments
By: pnuffer
Mar 10, 2008
7:31 am
Active Directory Authentication Automation Cloud Computing Cloud Security Configuration Customizing Data Breach DirXML Drivers End User Management Identity Manager Importing-Exporting / ICE/ LDIF Intelligent Workload Management IT Security Knowledge Depot LDAP Monitoring Open Enterprise Server Passwords Reporting Secure Access Supported Troubleshooting Workflow