Filters exist on the driver and enable you to specify which classes and attributes an application can send to and receive from the Identity Vault. If you want a specific class to pass through for the Metadirectory engine to process, you should add the class to the filter on the appropriate channel. You also have the ability to filter objects by a specific attribute value you define.
The following icons are used on this page:
![]() |
Changes to this object are reported and automatically synchronized. |
![]() |
Changes to this object are not reported or automatically synchronized. |
![]() |
Changes to this object are reported, but not automatically synchronized. |
![]() |
Resets the object value to the value specified by the opposite channel. (You can set this value on either the Publisher or Subscriber channel, not both.) |
Add Class
Adds a class to the filter.
Add Attribute
Adds an attribute to the filter.
Delete
Deletes the selected class or attribute from the filter.
Copy Filter From
Lets you select and copy a filter from another driver.
Set Template
Use this option to set the default options for all attributes that are
added to the filter.
You can set the following options for an attribute value:
Publish |
Controls the flow of data on the Publisher channel into the Identity
Vault. The options are: |
Subscribe |
Controls the flow of data on the Subscriber channel into the connected
system. The options are: |
Merge Authority |
Default Behavior If an attribute is being synchronized in one channel and not the other, then all existing values on the destination for that channel are removed and replaced with the values from the source for that channel. If the source has multiple values and the destination can only accommodate a single value, then only one of the values is used on the destination side. If an attribute is being synchronized in both channels and both sides can accommodate only a single value, the application acquires the values store in the Identity Vault unless there is no value in the Identity Vault. If this is the case, the Identity Vault acquires the values from the application (if any). If an attribute is being synchronized in both channels and only one side can accommodate multiple values, the single-valued side's value is added to the multi-valued side if it is not already there. If there is no value on the single side, you can choose the value to add to the single side. This is always valid behavior. |
|
Identity Vault This is valid behavior when synchronizing on the Subscriber channel. |
|
Application This is valid behavior when synchronizing on the Publisher channel. |
|
None |
|
|
Optimize Modifications to Identity Manager |
Controls whether or not changes to this attribute are examined on the Publisher Channel to determine the minimal change made in the Identity Vault. |
You can set the following options on a class:
Publish |
Controls the flow of data on the Publisher channel into the Identity
Vault. The options are: |
Subscribe |
Controls the flow of data on the Subscriber channel into the connected
system. The options are: |
Create Home Directory |
Controls the automatic creation of home directories. |
Track Member of Template |
Determines whether or not the Publisher Channel maintains the Member of Template attribute when it creates objects from a template. |