Managing user data using Tivoli® Directory Integrator Solution scripts

There are a number of scenarios in which you might want to synchronize changes between the Profiles database and the LDAP directory, using IBM® Tivoli® Security Integrator.

Note: Before running any of the SDI Solutions (tdisol) scripts,ensure you have Set up the Security Directory Integrator Solutions directory (tdisol).

When you want to update user information in the Profiles database, the model typically used is to update the information in the LDAP directory and then synchronize the changes back to the Profiles database. For example, if your organization has taken over a new division, you can add new employees to Profiles by importing their details into the LDAP directory and then synchronizing the changes to the Profiles database. One way to keep your profiles data synchronized with changes to the LDAP directory is to use the sync_all_dns task. For more information, see Synchronizing source changes such as LDAP with Profiles.

However, there might be instances in which your organization wants to allow users to update their information directly in the Profiles database. For example, if users want to update their personal cell phone details, as administrator, you might allow them to make the changes in Profiles themselves. These changes must be synchronized back to the LDAP directory from Profiles. To start the synchronization process, you need to define values for the DSML server-related properties in the profiles_tdi.properties file and then run the appropriate process_draft_updates script. For more information, see Synchronizing user data between Profiles and LDAP.

Although it is not expected to be a frequent occurrence, there might also be instances in which you want to change your LDAP directory. In this scenario, you can run scripts that are provided with HCL Connections to synchronize the user information used in Profiles with the user information stored in your new LDAP directory. For more information, see Updating Profiles when changing LDAP directory.

Related information is available in the IBM Security Directory Integrator solutions for HCL Connections real-world scenarios wiki article.