3.1 AD and OpenText eDirectory Collectors

To ensure synchronization of data from OpenText eDirectory to the OpenText Identity Governance catalog, the users or groups in OpenText eDirectory must have the required minimum rights in the OpenText eDirectory repository. The following rights are required for data synchronization:

The OpenText Identity Governance collectors for OpenText eDirectory have two identity collector templates. The eDirectory Identity template is used when the connected system has both OpenText eDirectory and OpenText Identity Manager installed, whereas the eDirectory Identity > (w/o IDM) with changes template is used when the connected system has OpenText eDirectory installed with the change-log module. The change-log module enables the connector to recognize the changes that require publication from the connected system to the OpenText Identity Governance catalog.

For more information about collecting identities with changes and the change event collection, and for more information about applying changes see Collecting from Identity Sources with Change Events and Understanding Change Event Processing in the OpenText Identity Governance as a Service User and Administration Guide.

For OpenText Identity Governance to associate the accounts and permissions with the identities available in the catalog, while configuring the template, in the Collect Account view, use mail as the Account-User Mapping attribute and email as the Map to attribute. In the Collect Permission view, use member as the Permission-Account or User Mapping attribute and Account ID from Source as the Map to attribute.

In addition to these collectors there are the OpenText eDirectory and AD hybrid collectors for collecting permissions. For more information about hybrid collectors, see Understanding Hybrid Permission Collectors in the OpenText Identity Governance as a Service User and Administration Guide.