This topic has 2 replies, 2 voices, and was last updated 2 years, 3 months ago by AdessoThomas.

  • Author
  • #23720

    In our project, we have two DS servers and two IDM servers. The golden source of data is an Oracle database. We set up a reconciliation and a live sync to apply changes in the DB to LDAP on a “near time” basis.
    I wonder if the the reconciliation is needed ever after the initial recon where the LDIF files are created.
    The live sync scripts should do everything which is needed – or did I oversee something?

    • This topic was modified 2 years, 4 months ago by AdessoThomas.

    If an entry is deleted in your source database, a simple livesync won’t be able to detect it. You can work around this by setting a “deleted” flag instead of actually deleting, if you need fast reactions by IDM.

    And of course “should” is not “will work”. If there is any issue, missing an entry with livesync is a possibility. A regular reconciliation (during the night, on the weekend…) will fix it.


    Many thanks for the reply. I buy the point with the deletion (which won’t appear in our project).
    But how could other modifications be “missed” by livesync?
    My understanding is, OpenIDM holds a timestamp reference and – when triggered – catches up all changes, even if the last sync wasn’t successful.

    Or did I get something wrong?

    • This reply was modified 2 years, 3 months ago by AdessoThomas.
    • This reply was modified 2 years, 3 months ago by AdessoThomas. Reason: typos fixed
Viewing 3 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic.

©2021 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?