The Identity Manager Driver for GroupWise synchronizes data and events from eDirectory through a series of policies. Policies help Identity Manager make decisions as the documents traverse a channel. A policy might determine that a document needs to be transformed in some way before continuing to the destination. For example, a Create policy specifies that a User object must have a value for the CN attribute, so any attempt to create a User object without a CN value is not allowed by that policy.
The policies in this section are examples of the many possible solutions for your company’s business rules. The code segments show simple and partial solutions and do not cover all situations and conditions. In addition, the code segments only process the attributes of interest and do not handle other attributes.
The driver performs several actions by default:
The user’s eDirectory Common Name (CN) is used as the GroupWise MailboxID when a GroupWise account is created.
The driver configuration uses a single post office. All accounts are created in a single post office.
You set defaults for policies and filters when you import the driver configuration. If you want to change the default behavior of the driver, we recommend that you make modifications in this order:
Modify the driver filter to include additional attributes to be synchronized. See Modifying the Driver Filter for more information.
Modify the Schema Mapping policy to include all attributes to be synchronized. See Adding Entries to the Schema Mapping Policy for more information.
Modify the Subscriber Create policy. See Modifying the Create Policy for more information.
Modify the Subscriber Placement policy. See Modifying Policies.
The driver filter contains the eDirectory classes and attributes for the Publisher and Subscriber channels. The purpose of the filter is to define how attributes are shared between systems. All attributes in the driver filter are required for processing, so you should not remove attributes from the filter.
You can, however, make additions to the filter. If you add classes or attributes to the filter, you should append the “merge-authority” string to the added attribute in the Mapping policy.
For example:
<filter-attr attr-name="Description" merge-authority="edir" publisher="ignore" subscriber="sync"/>
The Schema Mapping policy is contained in the driver object and applies to both the Subscriber and Publisher channel. The purpose of the Schema Mapping policy is to map schema names (particularly attribute names and class names) between the eDirectory namespace and the GroupWise namespace. Do not modify or remove existing entries in the Schema Mapping policy. You can, however, add entries to the Schema Mapping policy.
You modify the Create policy to implement your specific business rules. The Create policy determines whether or not a GroupWise account is created. A Create policy also can perform other modifications to the Add event, such as providing default values for attributes.
In the driver configuration, the Create policy specifies two required attributes: CN and Surname.
The policy is controlled by a global configuration value (GCV) that sets the initial password to Surname and CN. For more information on GCVs, refer to Section 3.1.3, Understanding Global Configuration Values.
Matching policies define the minimum criteria that two objects must meet to be considered the same. We recommend that you do not change the default Matching policy.
Global configuration values (GCVs) are new settings that are
similar to driver parameters. Global configuration values can be
specified for a driver set as well as an individual driver. If a
driver does not have a GCV value, the driver inherits the value
for that GCV from the driver set. GCVs allow you to specify settings
for new Identity Manager features such as password synchronization
and driver heartbeat, as well as settings that are specific to the
GroupWise driver. For more information, refer to Using
Global Configuration Values
in Novell
Identity Manager 3.0.1 Administration Guide.