Identity information with IBM Security Directory Integrator
We can use IBM Security Directory Integrator (SDI) to:
- Import identity information into ISIM
- Manage accounts on external resources in the ISIM data store
Identity data can come from a human resources repository or another source, such as WebSphere Application Server or a company-wide directory. An identity record in HR data becomes an instance of a person object in ISIM. Integration with SDI requires network connectivity with the ISIM system and a new service type to manage data feeds.
Advantages:
- Avoid the need for custom programming to manipulate raw personal information data into a form that can be imported into ISIM. SDI can be used to parse data from a comma-separated file or a database and feed the result into ISIM as personal information data or changes to that data. Previously, a Directory Services Markup Language (DSML) file or custom JNDI client was required.
- Manage identity data in which IBM Security Identity Manager can act as a DSMLv2 client to retrieve person data from SDI in reconciliation by running searches against SDI, which acts as a DSMLv2 server. IBM Security Identity Manager can also act as a DSMLv2 server, accepting requests from a DSMLv2 client such as SDI, with the JNDI service provider. DSMLv2 is deprecated in ISIM Version 5.0 in favor of the remote method invocation (RMI)-based SDI (IDI) adapter framework. DSMLv2 continues to be supported in this release.
- Provide advantages in account management. See additional documentation in the extensions directory. From the Custom File Management menu in the Appliance Dashboard, download
directories/utilities/extensions.zip
Extract the file and go to the versionNumber/examples.
See Also: Manage custom files.
Parent topic: IBM Security Directory Integrator (IDI) data feed