Identity Manager maintains associations in an eDirectory attribute (Syntax : SYN_PATH) named DirXML-Associations. This attribute has three parts to it.
dirxml-associations: cn=DT-1,cn=DS1,o=n#1#abc@novell.com
The first part is a driver-dn, which denotes the driver this association is for; the second field denotes the association state; and the final field denotes the association value. The part that is used to store the driver-dn is stored as an eDirectory DN. If there are any object renames or moves, the associations do not get broken and are preserved.
However, any updates to the referred object also result in a reference check. This causes a small overhead that can impact performance in very large deployments.
To improve performance in large deployments, a new no-reference association has been introduced in Identity Manager. Though the existing association continues to be the default option, Identity Manager provides you an option to switch to the new association format for a driver. In your Identity Manager deployment, some drivers can have the legacy reference association while others create a no-reference association. The driver’s DN is maintained as a string with the new no-reference association. If you change this, the mapping of the object from the Identity Vault to the connected system might get broken.
A new attribute, DirXML-AssociationsLite of type SYN_CI_STRING, is included to store the no-reference association. The new attribute contains the stringized version of the object association.
dirxml-associationslite: \ABC-SLES10SP2X86-NDSTREE\n\DS1\bedir-174-18-4- 32#648F713EC4AB284967AB648F713EC4AB#1
The new association attribute uses "#" to delimit the components of the association. The first component is the complete driver-dn including the eDirectory tree name in the slash format. The second component is the association value and the last component is the association state.
A new attribute, DirXML-UseNoRefAssoc of type SYN_BOOLEAN, is included with the drivers to denote the type of association to be used for the drivers. The absence of this attribute or a value of false implies that the driver uses the legacy association attribute (DirXML-Associations). If the value is set to true, the driver uses the new association attribute (DirXML-AssociationsLite) for the association.
NOTE:You should use the new association format with Identity Manager Standard Edition that provides limited Reporting features or in very large deployments where referential checks cause considerable performance impact. If you use it with Identity Manager Advanced Edition, all aspects of the Reporting functionality might not work as expected.