7.2 No-Reference Associations

Identity Manager maintains associations in an eDirectory attribute named DirXML-Associations (syntax: SYN_PATH). The attribute value has three parts.

dirxml-associations: cn=DT-1,cn=DS1,o=n#1#abc@novell.com

The first part is the driver-dn, which identifies the driver the association belongs to. The second field denotes the association state, and the final field is the association value. The driver-dn is stored as an eDirectory DN, so associations are preserved rather than broken when objects are renamed or moved.

However, any updates to the referred object will also result in a reference check. This causes a small overhead that can impact performance in very large deployments.

To improve performance in large deployments, Identity Manager introduces a new no-reference association. The existing association remains the default, but you can switch a driver to the new association format. Within one Identity Manager deployment, some drivers can use the legacy reference association while others create no-reference associations.

Because the new no-reference association stores the driver’s DN as a string, ensure that the driver’s DN is not changed, as a change may lead to some issues.

A new attribute, DirXML-AssociationsLite of type SYN_CI_STRING, is included to store the no-reference association. The new attribute contains the stringized version of the object association.

dirxml-associationslite: \ABC-SLES10SP2X86-NDSTREE\n\DS1\bedir-174-18-4-32#648F713EC4AB284967AB648F713EC4AB#1

The new association attribute uses "#" to delimit the components of the association. The first component is the complete driver-dn, including the eDirectory tree name, in slash format. The second component is the association value and the last component is the association state. Note that this order differs from the legacy attribute, where the state comes before the value.

A new attribute, DirXML-UseNoRefAssoc of type SYN_BOOLEAN, is included with the drivers to indicate which type of association a driver uses. The absence of this attribute or a value of false implies that the driver uses the legacy association attribute (DirXML-Associations). If the value is set to true, the driver uses the new association attribute (DirXML-AssociationsLite) for the association.
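
The following added example (not vendor code) parses both attribute formats described above, which is useful when auditing exported entries because the state and value fields swap position between the two. The function names are hypothetical, and it assumes the state is a decimal integer and that the driver DN itself contains no "#".

```python
from typing import NamedTuple, Optional

class Association(NamedTuple):
    driver_dn: str               # legacy: eDirectory DN; lite: slash-format string
    state: int
    value: str
    tree: Optional[str] = None   # tree name, only carried by the lite form

def parse_legacy(raw: str) -> Association:
    """DirXML-Associations: driver-dn#state#value."""
    parts = raw.split("#", 2)    # value is last, so a '#' inside it survives
    if len(parts) != 3 or not parts[1].isdecimal():
        raise ValueError(f"not a legacy association: {raw!r}")
    return Association(parts[0], int(parts[1]), parts[2])

def parse_lite(raw: str) -> Association:
    """DirXML-AssociationsLite: slash-format driver-dn#value#state."""
    dn, sep1, rest = raw.partition("#")        # assumption: no '#' in the driver DN
    value, sep2, state = rest.rpartition("#")  # state is the last component here
    if not (sep1 and sep2 and dn.startswith("\\") and state.isdecimal()):
        raise ValueError(f"not a no-reference association: {raw!r}")
    tree = dn.split("\\")[1]                   # first path element is the tree name
    return Association(dn, int(state), value, tree)

def attribute_for(use_no_ref_assoc: Optional[bool]) -> str:
    """Absent (None) or false DirXML-UseNoRefAssoc selects the legacy attribute."""
    if use_no_ref_assoc:
        return "DirXML-AssociationsLite"
    return "DirXML-Associations"

# The two sample values shown on this page.
LEGACY = "cn=DT-1,cn=DS1,o=n#1#abc@novell.com"
LITE = r"\ABC-SLES10SP2X86-NDSTREE\n\DS1\bedir-174-18-4-32#648F713EC4AB284967AB648F713EC4AB#1"

if __name__ == "__main__":
    for assoc in (parse_legacy(LEGACY), parse_lite(LITE)):
        print(assoc)
```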