jspωiki
Event Transformation Policy Set

Overview#

Event Transformation Policy Set or (ETP) alter the DirXML Engine's view of the events that happen in the Identity Vault namespace or the Connected Application

Event Transformation Policy Set DirXML Rules operate on events reported on a channel input. The Subscriber Channel and Publisher Channel usually have different Event Transformation Policy Sets.

The purpose of the Event Transformation Policy Set rules is to modify the report of the events before the events are processed further by DirXML Engine. Note that Merge operation are not processed by Event Transformation Policy Set

There are many common applications for the Event Transformation rules, including:

  • Scope filtering (for example, only allow events on objects in a particular subtree, or with a particular attribute value)
  • Custom event filtering (for example, disallow moves or deletes)
  • Transforming the event directly into a custom command to be passed to the connected system
  • Generating additional events

Event Transformation Policy Set Publisher Channel#

The input to the Publisher Channel is a description of an event coming from the Connected Application. The purpose of the Event Transformation Policy Set rules is to modify that event description. Event Transformation Policy Set is applied after the Translation Processor and Schema Mapping Policy, but before any other policy-based event processing. The policies implemented in the Event Transformation Policy Set rule act on the event, such as Add, Delete, or Modify, and not on the data within the event. This is the place where policies are applied to events. For example, you can apply a policy that blocks add events.

If an Add operation is converted into a Merge operation, the current document is discarded, and the filter is used to query to both the connected system and to Identity Vault for all values. The setting for each attribute in the filter is used to decide what to do with the data. The options include overwriting the source information with the information from the destination, overwriting the destination with the source, combining the two and updating both with the results, or doing nothing.

If an Add event contains an association value, the Identity Manager engine turns it into a Modify event.

Event Transformation Policy Set Subscriber Channel#

The input to the Subscriber Channel is a description of an event coming from the Identity Vault namespace. In many cases, the Novell IDM Driver Filters might be used to determine the types of ObjectClass Types you want, and the attributes of those ObjectClass Types, but the Event Transformation Policy Set policy can be used to further customize the events. This can be referred to as scope filtering, and it allows for much finer control of what gets through.

For example, you can use Novell IDM Driver Filters to specify user objects. It assumes that you want all users synchronized. If a Connected Application is limited to a subset of all users, then the Event Transformation Policy Set is used to decide if an event for an object is in scope or not.

For example, if your connected system should have only users with a department attribute of Sales in it, then a rule on the Event Transformation Policy Set to block any event that is for a user that does not have Sales as its department can accomplish this goal.

More Information#

There might be more information for this subject on one of the following: