5.2 Editing the Filter

The Filter editor gives you the options of editing how information is synchronized between the Identity Vault and the connected system.

Figure 5-1 Filter Editor

Here is a list of most common tasks when editing the filter:

5.2.1 Removing a Class or an Attribute from the Filter

  1. Select the class or attribute, then click Delete.

5.2.2 Adding a Class

  1. Click Add Class.

  2. Click the type of class you want to add.

  3. Change the options to synchronize the information.

  4. Click Apply.

5.2.3 Adding an Attribute

  1. Select the Class where you want the attribute to be added.

  2. Click Add Attribute.

  3. Select the attribute you want to add, then click OK.

  4. Change the option to synchronize the information.

  5. Click Apply.

5.2.4 Copying a Filter

You can copy the filter from an existing driver into the driver you are currently working on.

  1. Click Copy Filter From.

  2. Browse to and click the driver you want to copy the filter from.

  3. Click Apply or OK.

5.2.5 Setting a Template

You can set the default values for an attribute you add to the filter.

  1. Click Set Template.

  2. Select the options you want the new attributes to have, then click OK.

You can change the values of the attributes after they have been created.

5.2.6 Changing the Filter Settings

The Filter editor gives you the option of changing how information is synchronized between the Identity Vault and the connected system. The filter has different settings for classes and attributes.

  1. In the Filter editor, select a class.

  2. Change the filter settings for the selected class.

    Options

    Definitions

    Publish

    • Synchronize: Allows the class to synchronize from the connected system into the Identity Vault.

    • Ignore: Does not synchronize the class from the connected system into the Identity Vault.

    Subscribe

    • Synchronize: Allows the class to synchronize from the Identity Vault into the connected system.

    • Ignore: Does not synchronize the class from the Identity Vault into the connected system.

    Create Home Directory

    • Yes: Automatically creates home directories.

    • No: Does not create home directories.

    Track Member of Template

    • Yes: Determines whether or not the Publisher channel maintains the Member of Template attribute when it creates objects from a template.

    • No: Does not track the Member of Template attribute.

  3. Select an attribute.

  4. Change the filter settings for the selected attribute.

    Options

    Definitions

    Publish

    • Synchronize: Changes to this object are reported and automatically synchronized.

    • Ignore: Changes to this object are not reported or automatically synchronized.

    • Notify: Changes to this object are reported, but not automatically synchronized.

    • Reset: Resets the object value to the value specified by the opposite channel. (You can set this value on either the Publisher channel or Subscriber channel, not both.)

    Subscribe

    • Synchronize: Changes to this object are reported and automatically synchronized.

    • Ignore: Changes to this object are not reported or automatically synchronized.

    • Notify: Changes to this object are reported, but not automatically synchronized.

    • Reset: Resets the object value to the value specified by the opposite channel. (You can set this value on either the Publisher channel or Subscriber channel, not both.)

    Merge Authority

    • Default: If an attribute is not being synchronized in either channel, no merging occurs.

      If an attribute is being synchronized in one channel and not the other, then all existing values on the destination for that channel are removed and replaced with the values from the source for that channel. If the source has multiple values and the destination can only accommodate a single value, then only one of the values is used on the destination side.

      If an attribute is being synchronized in both channels and both sides can accommodate only a single value, the connected application acquires the Identity Vault values unless there is no value in the Identity Vault. If this is the case, the Identity Vault acquires the values from the connected application (if any).

      If an attribute is being synchronized in both channels and only one side can accommodate multiple values, the single-valued side’s value is added to the multi-valued side if it is not already there. If there is no value on the single side, you can choose the value to add to the single side.

      This is always valid behavior.

    • Identity Vault: Behaves the same way as the default behavior if the attribute is being synchronized on the Subscriber channel and not on the Publisher channel.

      This is valid behavior when synchronizing on the Subscriber channel.

    • Application: Behaves the same as the default behavior if the attribute is being synchronized on the Publisher channel and not on the Subscriber channel.

      This is valid behavior when synchronizing on the Publisher channel.

    • None: No merging occurs regardless of synchronization.

    Optimize Modification to Identity Vault

    • Yes: Changes to this attribute are examined on the Publisher channel to determine the minimal change made in the Identity Vault.

    • No: Changes are not examined.

  5. Click OK to save the changes.