15.2 Understanding the Remote Loader

The Remote Loader allows you to run Identity Manager drivers on connected systems that do not host the Identity Vault and Identity Manager engine. The .Net Remote Loader works on Windows-based systems only.

The Remote Loader is capable of hosting Identity Manager application shims contained in platform-specific files through JNI, as well as the more-common Identity Manager application shims contained in platform-agnostic JAR files. The Remote Loader can run on any platform. However, platform-specific shims must be run on their native platform (for example, .so files on Linux/Unix).

15.2.1 Understanding Shims

The Remote Loader uses shims to communicate with the application on a managed system. A shim is the file or files that contain the code to process the events that are synchronizing between the Identity Vault and the application. Before using the Remote Loader, you must configure the application shim to connect securely with the Identity Manager engine. You must also configure both the Remote Loader and the Identity Manager drivers.

For more information, see Section 17.0, Configuring the Remote Loader and Drivers.

15.2.2 Determining When to Use the Remote Loader

You can install the Identity Manager engine, Identity Vault, and the driver shim on the same server. The Identity Manager engine runs as part of an eDirectory process. The Identity Manager drivers can run on the server with the Identity Manager. They also can run as part of the same process as the Identity Manager engine. However, in the following scenarios, you might want the Identity Manager driver to run as a separate process on the server that hosts the Identity Manager engine:

To protect the Identity Vault from any exceptions encountered by the driver shim.
To improve the performance of the server running the Identity Manager engine, by offloading driver commands to the remote application or database.
To run additional drivers on servers that do not host the Identity Manager engine.

In these scenarios, the Remote Loader provides a communication channel between the Identity Manager engine and the driver. For example, you install an LDAP driver on the same server as the Identity Manager engine and the Identity Vault. Then you install the Active Directory (AD) driver on a different server with the Remote Loader. To allow the drivers to access the application and communicate with the Identity Vault, install the Remote Loader on both servers, as shown in the following figure.

NetIQ recommends that you use the Remote Loader configuration for use with your drivers where possible. Use the Remote Loader even in cases where the application is on the same server as the Identity Manager engine.

15.2.3 Understanding the Java Remote Loader

The Java Remote Loader provides the flexibility to load a driver shim on computers with UNIX or Linux servers that the native Remote Loader does not support. The Java Remote Loader is a Java application. You can use the Java Remote Loader with any publicly supported version of Java.

To open the application, run the shell script named dirxml_jremote. For more information, see Section 17.5, Configuring the Java Remote Loader for Driver Instances.