Previous Topic: Provisioning with CA IAM CSNext Topic: Create a Directory Monitor

Connector GuidesConnectors GuideProvisioning with CA IAM CSSet Up Synchronization with Active Directory

Set Up Synchronization with Active Directory

This section applies to CA IdentityMinder only.

You can use Active Directory Server (ADS) to synchronize attribute data to supported endpoints. You do this by configuring CA IAM CS to propagate local changes in Active Directory to a cloud-based identity store using a connector.

For example, assume that you have a SalesForce installation in the cloud. You could create an ADS group named "SalesForce" and then configure the CA IAM CS to monitor that group. CA IAM CS synchronizes any changes to the SalesForce environment in the cloud.

If you add a user to the ADS Salesforce group, CA IAM CS uses the SalesForce connector to trigger a "Create User" action in the SalesForce environment proper.

To set up directory synchronization, follow this process:

  1. Install CA IAM CS in your environment.
  2. Acquire the endpoints that you want to synchronize with.

    Consult the appropriate connector configuration documentation. You must acquire endpoints in order to create templates in step 4.

  3. Create one or more directory monitors. Monitors capture changes that you make in your local Active Directory, and report them for the synchronization.
  4. Create one or more synchronization templates. Templates control settings for the directory synchronization.

Flowchart showing the steps to set up directory sychronization