NetIQ Documentation: Identity Manager 3.6.1 Overview

1.1 Data Synchronization

If your organization is like most, you have identity data stored in multiple systems. Or, you have identity data stored in one system that you could really use in another system. Either way, you need to be able to easily share and synchronize data between systems.

Identity Manager lets you synchronize, transform, and distribute information across a wide range of applications, databases, operating systems, and directories such as SAP^*, PeopleSoft^*, Lotus Notes^*, Microsoft^* Exchange, Microsoft Active Directory^*, Novell eDirectory™, Linux and UNIX, and LDAP directories.

Figure 1-2 Identity Manager Connecting Multiple Systems

You control the flow of data among the connected systems. Among other things, you determine what data is shared, which system is the authoritative source for a piece of data, and how the data is interpreted and transformed to meet the requirements of other systems.

In the following diagram, the SAP HR database is the authoritative source for a user’s telephone number. The Lotus Notes system also uses telephone numbers, so Identity Manager transforms the number into the required format and shares it with the Lotus Notes system. Whenever the telephone number changes in the SAP HR system, it is synchronized to the Lotus Notes system.

Figure 1-3 Data Synchronization between Connected Systems

Managing data for existing users is just the beginning of the data synchronization capabilities of Identity Manager. In addition, Identity Manager can create new user accounts and remove existing accounts in directories such as Active Directory, systems such as PeopleSoft and Lotus Notes, and operating systems such as UNIX and Linux. For example, when you add a new employee to your SAP HR system, Identity Manager can automatically create a new user account in Active Directory, a new account in Lotus Notes, and a new account in a Linux NIS account management system.

Figure 1-4 User Account Creation in Connected Systems

As part of its data synchronization capability, Identity Manager can also help you synchronize passwords between systems. For example, if a user changes his or her password in Active Directory, Identity Manager can synchronize that password to Lotus Notes and Linux.

Figure 1-5 Password Synchronization among Connected Systems