4.4 Migrating Identities

When you first run the driver, you might have identities in the Identity Vault that you want to provision to the connected system, or vice versa. Identity Manager provides a built-in migration feature to help you accomplish this.

4.4.1 Migrating Identities from the Identity Vault to the Connected System

  1. In Identity Console, click the Identity Manager Drivers module from the landing page.

  2. Click the specific driver to perform your migration.

  3. Click the Data Transformation and Synchronization tab.

  4. Click the Migrate From IDVault tab.

  5. Click the Add icon. A browse and search dialog box that allows you to select objects is displayed.

  6. Select the objects you want to migrate, then click OK.

To view the results of the migration, click View the Driver Status Log. For details about the log, see The Status Log.

If a user has a Distribution Password, the Distribution Password is migrated to the connected system as the user’s password. Otherwise, no password is migrated. For information about Universal Passwords and Distribution Passwords, see the appropriate version of the Password Management Administration Guide at the NetIQ Documentation Web site.

4.4.2 Migrating Identities from the Connected System to the Identity Vault

  1. In Identity Console, click the Identity Manager Drivers module from the landing page.

  2. Click the specific driver to perform your migration.

  3. Click the Migrate Into IDVault tab.

  4. Use the Edit Migration Criteria icon.

  5. Specify your search criteria:

    1. Select class User or class Group.

      IMPORTANT: Identity Manager imports objects by class in the order specified in the list. Migrate users before you migrate groups so that the users can be added to the newly created groups.

    2. Select the attributes to be used as search criteria for objects of the selected class, then click OK.

      The eDirectory attributes map to RACF attributes as specified by the driver schema. For example, CN maps to DirXML-RACF-userid. For the default mappings, see Table 1-2, Default Filter and Schema Mapping.

    3. Specify values for the selected attributes, then click OK.

  6. Click the Migrate Into IDVault icon.

To view the results of the migration, click View the Driver Status Log. For details about the log, see The Status Log.

Because local passwords cannot be retrieved from RACF, they cannot be submitted to the Metadirectory engine until they are changed. The password change exit routine captures password changes.

4.4.3 Synchronizing the Driver

To generate events for associated objects that have changed since the driver’s last processing:

  1. In Identity Console, click the Identity Manager Drivers module from the landing page.

  2. Click the specific driver to perform your synchronization.

  3. Click the Data Transformation and Synchronization tab.

  4. Click the Synchronize tab.

  5. Select either Examine all objects or Use a starting date/time, then click the Synchronize icon.