1.4 Key Driver Features

The sections below contain a list of the key driver features.

1.4.1 Local Platforms

The SharePoint driver does not run locally.

1.4.2 Remote Platforms

The SharePoint driver uses the .NET Remote Loader service to run on a Windows SharePoint server other than the Identity Manager server. The Remote Loader service for the SharePoint driver can be installed on Windows Server 2003 SP2 (32-bit), Windows Server 2008 (32-bit and 64-bit), and Windows Server 2008 R2 (64-bit).

For additional information about system requirements, refer to the NetIQ Identity Manager Setup Guide for Linux or NetIQ Identity Manager Setup Guide for Windows.

1.4.3 Entitlements

The SharePoint driver implements entitlements.

Entitlements make it easier to integrate Identity Manager with the Identity Manager User Application and Role-Based Services in eDirectory. In the User Application, an action such as provisioning an account in SharePoint is delayed until the proper approvals have been made. In Role-Based Services, rights assignments are made based on attributes of a user object and not by regular group membership. Both of these services pose a challenge to Identity Manager because it is not obvious from the attributes of an object whether an approval has been granted or the user matches a role. Entitlements standardize a method of recording this information on objects in the Identity Vault.

From the driver perspective, an entitlement grants or revokes the right to something in SharePoint. You can use entitlements to grant the right to an account in SharePoint or to control group membership. The driver is unaware of the User Application or Role-Based Entitlements. It depends on the User Application server or the Entitlements driver to grant or revoke the entitlement for a user, each according to its own rules.

You should enable entitlements for the driver only if you plan to use the User Application or Role-Based Entitlements with the driver. For more information about entitlements, see the NetIQ Identity Manager Entitlements Guide.

The driver can be configured without using entitlements. In these scenarios, Active Directory could be the authoritative source for both users and group membership. After the Active Directory driver synchronizes identities and group membership from Active Directory into the Identity Vault, the SharePoint driver synchronizes them from the Identity Vault into SharePoint.