6.11 Matching - Publisher Mirrored

This rule finds matches in the Identity Vault for objects in the connected system based on their name and location. Implement the rule on the Publisher Matching policy in the driver.

There are two steps involved in using the predefined rules: creating a policy in the Matching policy set, and importing the predefined rule. If you already have a Matching policy that you want to add this rule to, skip to Importing the Predefined Rule.

6.11.1 Creating a Policy

  1. Open the Identity Manager Driver Overview for the driver you want to manage.

    For instructions on how to access the Identity Manager Driver Overview page, see Accessing the Identity Manager Driver Overview Page.

  2. Click the Matching Policy set object on the Publisher channel.

  3. Click Insert.

  4. Name the policy, make sure to implement the policy with the Policy Builder, then click OK.

    The Policy Builder is launched.

  5. Continue with Section 6.11.2, Importing the Predefined Rule.

6.11.2 Importing the Predefined Rule

  1. In the Policy Builder, click Insert.

    For information on how to access the policy builder, see Accessing the Policy Builder.

  2. Select Matching - Publisher Mirrored.

  3. Expand the predefined rule.

    Matching - publisher mirrored

  4. To edit the rule, click Matching - Publisher Mirrored in the Policy Builder.

    The Rule Builder is launched.

  5. In the Conditions section, click the Browse icon next to the Value field.

  6. Click the container in the source hierarchy where you want the matching to start.

  7. In the Actions section, click the Edit the arguments icon next to the Enter string field.

  8. In the Editor, click the browse button next to the Text field, browse to and select the container in the destination hierarchy where you want the source structure to be matched, then click OK.

  9. Click OK.

6.11.3 How the Rule Works

When an Add event occurs on an object in the connected system that is located within the specified source subtree, the rule constructs a DN that represents the same object name and location within the Identity Vault relative to the specified destination subtree. If the destination objects exists and is of the desired object class, then it is considered a match. You must supply the DNs of the source (connected system) and destination (Identity Vault) subtrees.