Identity Manager has an additional feature that extends Identity Manager functionality across applications. It is called the Remote Loader, and it allows the driver to access the application without having the Identity Vault and the Metadirectory engine installed on the same server as the application. As part of the planning process when installing Identity Manager, you need to decide if you are going to use the Remote Loader or not. This section defines what the Remote Loader is and contains instructions for installing and configuring the Remote Loader.
There are two different ways to configure the installation of the Metadirectory engine. Figure 1-1 illustrates the first way. It shows that the Identity Vault, Metadirectory engine, and the driver shim all are installed and running on the same server. The driver shim is configured to communicate with the application and the Metadirectory engine.
Figure 1-1 All Components Installed on the Same Server
Figure 1-2 illustrates both configurations. The LDAP driver is installed on the same server as the Metadirectory engine and the Identity Vault. The Active Directory driver is installed on different servers with the Remote Loader. The Remote Loader allows the driver to access the application without having the Identity Vault and Metadirectory engine installed on that same server.
Figure 1-2 A System Using the Remote Loader
The Remote Loader enables the Metadirectory engine to exchange data with the Identity Vault as different processes and in different locations, including the following:
As a separate process on the server where the Metadirectory engine is running: The Metadirectory engine runs as part of an eDirectory process. The Identity Manager drivers can run on the server where the Metadirectory engine is running. In fact, they can run as part of the same process as the Metadirectory engine.
However, for strategic reasons and to simplifying troubleshooting, you might want the Identity Manager driver to run as a separate process on the server.
If the driver is running as a separate process, the Remote Loader provides a communication channel between the Metadirectory engine and the driver.
On a server that is not running the Metadirectory engine: Some of the Identity Manager drivers are unable to run where the Metadirectory engine is running. The Remote Loader enables you to run the Metadirectory engine in one environment while running an Identity Manager driver on a server in a different environment. For example, you cannot run the Active Directory driver on a Linux server. The Metadirectory engine can run on the Linux Server while the Remote Loader runs on an Active Directory server.
Scenario: Separate Servers. The Metadirectory engine is running on a Linux Server. You need to run the Identity Manager Driver for Active Directory. This driver is unable to run on a Linux Server because it must run in an Active Directory environment. You install and run the Remote Loader on a Windows 2003 server. The Remote Loader provides a communication channel between the Active Directory driver and the Metadirectory engine.
Scenario: Non-Host. The Metadirectory engine is running on Solaris. You need to communicate with a NIS system where you want to provision user accounts. That system usually doesn’t host the Metadirectory engine. You install the Remote Loader and the Identity Manager Driver for NIS on the NIS system. The Remote Loader on the NIS system runs the NIS driver and enables the Metadirectory engine and the NIS driver to exchange data.
Novell recommends that you use the Remote Loader configuration for use with your drivers where possible. Use the Remote Loader even in cases where the connected system is on the same server as the Metadirectory engine. The following benefits occur by running the driver with the Remote Loader configuration:
eDirectory is protected from any exceptions encountered by the driver shim.
It improves the performance of the server running the Metadirectory engine, by offloading driver commands to the remote application or database.
It allows you to run additional drivers on the server where the Metadirectory engine is not installed.
The following drivers support the Remote Loader capability.
Data Collection Services
GroupWise (Available only for 32-bit Remote Loader)
Managed System Gateway
Manual Task Services
SAP Business Logic
SAP GRC (CMP only)
SAP User Management
Integration Module V2.0 for Sentinel
The following drivers do not support the Remote Loader capability:
Null and Loopback Services
For more information about the Identity Manager Remote Loader, see this article.