Novell Identity Manager 3.6 / Windows Server 2003 R2
eDirectory 8.8 Sp3 / Windows Server 2003 R2


We have following situation, and I'd like to hear from IdM guys about

We have 10 AD Drivers in a single Dirver Set. They Pull information for
User,Groups and Ou from their connected Active Directory and Put these
objects into single IDVault under a shared OU.

What we want to accomplish is that after objects are created in
IDVault by these AD drivers, the Subscriber channel on these all AD
driver should only process objects back to AD only if the object were
created/processed by its publisher channel.

Let suppose, If AD driver (A) has creates a object into IDVault
(Publisher),, the AD driver(B) should not process back this object on
its Subscriber, but only AD Driver (A) should process this object back
to its Subscriber.

The one solution could be to check "if Object is associated" on
Sub-Etp, OR Other solutions it could be just putting a Scope Filter on
the Subscriber Channel (Sub-Etp) to Check if Object is Created in
Speciofied OU, the process otherwise not.

But doing this, we will end up putting these conditions on the each
every AD driver subscriber channel for each New OU these driver creates
in IDvault later on.

Is there are any good solution for this?.. like creating a single
policy on the each driver for once?

and Does IDVault object knows which driver they were created by?
ID-driver GUID or something?


love anything that talks binary!
belaie's Profile:
View this thread: