Using the Management Agent for Sun and Netscape Directory Servers
By using the management agent for Sun and Netscape directory servers, you can synchronize with Sun and Netscape directory servers.
Connected data source support
- Sun and Netscape Directory Server 5.1, or 5.2
Management agent type
This is a call-based management agent.
The schema is generated based on the dynamic discovery of the data source by the management agent. When you refresh the schema for this management agent, the connected data source schema is rediscovered, the current management agent schema is updated, and then Management Agent Designer starts. In Management Agent Designer, you can correct any inconsistencies introduced by the updated schema, such as deleted object types or deleted attributes.
If you upgrade your Netscape Directory Server 4.1 to version 5.0 or greater, it is recommended that you use the following procedure to synchronize with FIM:
Upgrade your Netscape Directory Server.
Create a new management agent for Sun and Netscape directory servers.
Configure your join rules for the new management agent so that the objects on the upgraded server join to the existing metaverse objects.
Run a full import of the new management agent.
Remove the old management agent for the 4.1 server.
If changelog is not enabled on Sun ONE Directory Server, FIM cannot support delta import operations.
The management agent for Sun and Netscape directory servers does not automatically detect changes made to the configuration of the Sun or Netscape directory server, such as enabling or disabling changelog. If you change the configuration of the Sun or Netscape directory server, you must refresh the management agent by using the Refresh button on the Configure Naming Context page of the management agent. For more information, see Configure Naming Contexts.
During move operations, FIM first creates the new object and then deletes the old object. If you stop an export from FIM that is in progress and that contains moved objects, both the objects and their copies might be left on the Sun ONE Directory Server 5.0 or 5.1 server.
If the management agent for Sun and Netscape directory servers is requested to rename or move an object, but not change the uuid, and the uuid uniqueness plug-in is enabled on the Sun ONE Directory Server 5.0 or 5.1 server, then the rename or move operation fails. Disable the uuid uniqueness plug-in.
When you rename or move an object, all references to that object on the Sun ONE Directory Server 5.0 or 5.1 server that have their referential integrity managed by the Sun ONE Directory Server 5.0 or 5.1 server (that is, a valid intrapartition distinguished name attribute with the referential integrity plug-in enabled) are removed (that is, a renamed or moved user object is removed from all groups).
If you have an object on a Sun ONE Directory Server 5.2 server with a multi-value attribute that has more than 7 values, and if you delete several of those values through an Export Attribute Flow operation, then the Sun ONE Directory Server might delete the remaining values. Running a full import and export restores the missing attribute values.
If another Lightweight Directory Access Protocol (LDAP) call is made to a Sun ONE Directory Server 5.0 or 5.1 server before it is able to finish the first operation, Referential Integrity Post-Operations might fail. Run the Referential Integrity plug-in with a delay of one second. This logs the changes in a file, runs the referential integrity on only one thread, and checks changes sequentially. For more information about how to configure your server, see your Sun ONE Directory Server 5.1 documentation.
The Sun and Netscape directory servers management agent has a default timeout value for run profiles of 30 seconds.
When you update a Sun and Netscape directory server management agent, the management agent configuration file must be from the same Sun ONE Directory Server version.
This management agent supports password management. For more information, see See Also.
Configuring Management Agents
Create a Management Agent
Connect to a Sun or Netscape Directory Server
Configure Naming Contexts
Select Object Types
Select Anchor Attributes
Configure Connector Filter Rules
Configure Join and Projection Rules
Configure Attribute Flow Rules
Configure Deprovisioning Rules
Configure Password Management and Specify Rules Extensions