Overview #

DirXML Associations are the mechanism used by Identity Manager to establish and maintain a linkage between an object in the Identity Vault and an application object. The shim normally provides a unique key value for each application object and the Identity Manager Engine manages the storage of those key values in the Identity Vault in the DirXML-Association Attribute

A shim's responsibility with respect to DirXML Associations is to provide a unique key value for each object and to notify the Identity Manager Engine whenever something happens that affects that unique key. In practice this means:

  • Provide the unique key value for the object whenever communicating any information about the object to the Identity Manager Engine (events and queries).
  • Report to the Identity Manager Engine whenever the unique key value of a relevant object changes using <modify-association>.
  • Report to the Identity Manager Engine the unique key value of an object created as a result of processing and <add> command in the SubscriptionShim using <add-association> in the result document returned from the add processing.

The DirXML-Association Attribute #

There is a DirXML-Association Attribute

Warning #

Novell has no KNOWN public publication as to the the details of this attribute other than or the attribute's syntax, 2.16.840.1.113719.1.1.5.1.15. How the values are constructed and what We show here what we have learned along the way from empirical evidence and from others.

DirXML-Association States#

The DirXML-Association Attribute is applied to entries (like users) and the DirXML-Association State indicates the synchronization state of the entry for any given driver.

Tools for modification of Associations #

Determine the State of DirXML-Associations #

You can use LDAPSEARCH to Determine the State of DirXML-Associations

Working with DirXML-Associations in Policies #

How to Working with DirXML-Associations in Policies

Attribute Details #

The DirXML-Associations attribute uses the path syntax

More Information #

There might be more information for this subject on one of the following:

Add new attachment

Only authorized users are allowed to upload new attachments.
« This page (revision-20) was last changed on 24-Sep-2014 13:23 by jim