IBM Tivoli Directory Integrator
The IBM TDI provides an infrastructure and a number of ready-to-use
components for implementing solutions that synchronize user passwords
in heterogeneous software environments.
A password synchronization solution built with the IBM TDI can intercept
password changes on a number of systems. The intercepted changes can
be directed back into:
- The same software systems, or
- A different set of software systems.
Synchronization is achieved through the IBM TDI AssemblyLines, which can be configured to propagate the intercepted passwords to
desired systems.
The components that make up a password synchronization solution
are: Password Synchronizers, Password Stores, Connectors and AssemblyLines.
The Password Synchronizers, Password Stores and Connectors are ready-to-use
components included in the IBM TDI. As a result, implementing the solution that intercepts the passwords and makes
them accessible from IBM TDI is achieved by
deploying and configuring these components.
These
components are not available in the TDI 7.1 General Purpose Edition.
The following sections describe the specialized password synchronization
components that are currently available.
- Password Synchronizers
-
- Password Synchronizer for Windows XP/Vista
- Intercepts the Windows login
password change.
- Password Synchronizer for IBM Tivoli Directory Server
- Intercepts IBM Tivoli Directory Server password changes.
- Password Synchronizer for Sun Directory Server
- Intercepts Sun ONE Directory Server password changes.
- Password Synchronizer for Domino
- Intercepts changes of the HTTP password for Lotus Notes users.
- Password Synchronizer for UNIX and Linux
- Intercepts changes of UNIX and Linux user passwords.
- Password Stores
-
- LDAP Password Store
- Provides the function necessary to store the intercepted user
passwords in LDAP directory servers.
- JMS Password Store
- JMS Password Store (formally known as the MQ Everyplace Password Store) provides the functionality
necessary to store intercepted user passwords in a JMS Provider's
Queue from where any JMS client for example, TDI) could read them.
- Log Password Store
- The Log Password Store is solely used to log any actions that
a normal password store would take. This password store is useful
for verifying that the Java Proxy and the native plug-ins are communicating
correctly.
- Specialized Connectors
-
- JMS Password Store Connector
- Provides the function necessary to retrieve password update
messages from IBM WebSphere MQ Everyplace and send them to IBM TDI.
- Tivoli Identity Manager Integration
- The IBM TDI V7.1 Password Synchronization Plug-ins Guidealso details the steps required for
integration between Tivoli Identity Manager and the following
Password Synchronizers:
For more information about installing and configuring the IBM Password
Synchronization plug-ins, please see the IBM TDI V7.1 Password Synchronization Plug-ins Guide.