Data mapping model
IDM uses mappings to determine which data to synchronize, and how that data must be synchronized.
In general, identity management software implements one of the following data models:
-
A meta-directory data model, where all data is mirrored in a central repository.
The meta-directory model offers fast access at the risk of getting outdated data.
-
A virtual data model, where only a minimum set of attributes are stored centrally, and most are loaded on demand from the external resources in which they are stored.
The virtual model guarantees fresh data, but pays for that guarantee in terms of performance.
IDM leaves the data model choice up to you. You determine the right trade-offs for a particular deployment. IDM does not hard code any particular schema or set of attributes stored in the repository. Instead, you define how external system objects map onto managed objects, and IDM dynamically updates the repository to store the managed object attributes that you configure.