16.4 Deploying a Driver to an Identity Vault

Suppose you finish a new driver object that you want to deploy into a test tree, or suppose you have imported a driver object, made significant modifications, and now you want to deploy that driver object back into its working tree. Use the following procedure to deploy an Identity Manager Driver object (and all contained channels and policies) into a driver set:

  1. Select an Identity Vault in the Modeler view.

  2. Right-click a driver object connected to a Driver Set icon in the Identity Vault.

    The driver object is represented by a circle icon.

  3. Click Live > Deploy.

    Deploying a Driver object

    You can also select the driver object from the Outline view. Click the Outline tab, right-click the driver object you want to deploy, then click Live > Deploy.

    An error displays if Designer can’t authenticate to the eDirectory tree specified in the Identity Vault, or if you do not have the Deployment DN designated in the Properties tab of the Identity Vault you are deploying to.

  4. Review the information displayed in the Deployment Summary window to see the differences between the objects you are deploying and those that already reside in an eDirectory tree. It is the same as the Compare feature. For more information about how to use the Compare window, see Section 16.7, Using the Compare Feature When Deploying.

    When you deploy or reconcile a driver, the Identity Manager version of the Identity Vault server is updated to match the live system. Updating the Identity Manager version allows Designer to correctly set the engine controls for the driver so that invalid engine controls are not deployed to the Identity Vault.

    The Deployment Summary window
  5. Click Deploy to begin the process.

  6. Click OK to close the Deployment Results window.

  7. (Conditional.) If you see other informational messages, decide what action to take.

    You might see a message in the Deployment Results window stating that the deployment was unsuccessful. Click the error messages in the Operation Results portion of the window to see the error descriptions and possible reasons in the Details portion.

  8. (Conditional) If this is a new deployment, the Deploy - New Driver Settings window displays. Define security equivalences on the driver set and identify all objects that represent Administrative roles and exclude them from being replicated.

    Setting security equivalences and excluding administrative roles

    In both instances, Novell recommends that you select the Admin object, and any other objects that qualify in your network settings.

    You can modify security equivalences and excluded roles after the driver is deployed. To do so, right-click the driver object and select Live > Set Up Driver Security, or right-click the Application object and select Driver > Set Up Driver Security.