The following sections contain a list of the driver’s key features.
A local installation is an installation of the driver on the Metadirectory server. The Ellucian Banner driver can be installed on the operating systems supported by the Metadirectory server.
For information about the operating systems supported for the Metadirectory server, see System Requirements in Identity Manager 4.0.2 Framework Installation Guide .
The Ellucian Banner driver can use the Remote Loader service to run on a server other than the Metadirectory server. The Ellucian Banner driver can be installed on the operating systems supported for the Remote Loader.
For information about the supported operating systems, see System Requirements in Identity Manager 4.0.2 Framework Installation Guide .
The Ellucian Banner driver interacts with Banner via the Banner Enterprise Integration Service (BEIS). BEIS publishes data in SPML format. The driver is limited to operations supporteed by SPML. The basic configuration files for the Ellucian Banner driver are capable of performing the following operations on User objects.
Add
Modify
Delete
Query
Modify password
Table 1-1 Supported XDS Commands and their associated SPML requests
|
XDS Command |
SPML Request |
|---|---|
|
add |
addRequest |
|
modify |
modifyRequest |
|
delete |
deleteRequest |
|
query |
lookupRequest |
The SPML lookupRequest does not allow for querying for specific attribute values. Instead, it retrieves a specific object by specifying a UDCIdentifier for that object.
Password modification operations are synthesized in policy, depending on the default password setting. If the password in the Identity Vault is being set from an attribute in the UDCIdentity, a modify to that attribute value will become a password modify operation in the Identity Vault.
BEIS does not support rename or move operations. It is possible to synthesize these operations in IDM Policy based on attribute data changes in the XML data received from BEIS.
The driver publishes role information from the Ellucian system. Roles are used to grant access to information on the Ellucian Portal in Luminis and other Ellucian applications and resources. Ellucian does not delete identities after they are created. The Ellucian system removes roles from the collection of roles on a given user. Consultants or IDM administrators deploying the driver might implement Role-Based Entitlements on other drivers to react to changes in the list of roles for a given user.
For additional information, see Section 3.1.6, Understanding Institutional Roles.
By default, the Novell Identity Manager driver for Ellucian Banner policies do not synchronize passwords to or from the Ellucian system. However, when a user is added to the Identity Vault, a password can be created for the user by selecting an attribute to pull the password from, or by generating a random password using a policy on the Publisher Channel Command Transform.
In order to configure this policy, select the behavior of this policy by setting the “Banner Password Settings” attributes on the “Password Settings” tab of the GCV editor.
Select to have a random password generated for the new user. You can specify the number of alphabetic characters and numeric characters which must be used in generating the password.
Select to have a password value set from the value of an attribute on the user object. BEIS can be configured to publish a password from the Banner system as an extension attribute. The driver will recognize the extension attribute and publish it as an <add-attr> element in the XDS document to be sent to the IDM engine. Map the Banner element name to an eDirectory attribute and set that attribute name as the and the driver password policy will use the attribute in the specified eDirectory attribute as the user’s new password.