This section provides information on new driver features.
The driver shim works the same way, but new policies have been added to the sample driver configuration to support Identity Manager Password Synchronization.
You can set or modify the LDAP password using a password from Identity Manager, and you can check the LDAP password to see if it matches the Identity Manager password.
You could also use a style sheet to manufacture a password to be sent back to Identity Manager, such as a password based on the user's last name. However, LDAP does not support providing the user's actual LDAP password to Identity Manager.
See the description of the different scenarios for Password Synchronization in "Implementing Password Synchronization" in the Novell Nsure Identity Manager 2 Administration Guide.
Traditionally, the LDAP driver has been able to detect changes in an LDAP server only by reading its change log. However, some servers don't use the change-log mechanism, which is actually not part of the LDAP standard. Where change logs haven't existed, the LDAP driver has been unable to publish data about these LDAP servers to eDirectory.
The new LDAP-search publication method doesn't require a change log. This method detects changes by using standard LDAP searches and then comparing the results from one search interval to the next interval.
You can use the LDAP-search publication method as an alternative to the traditional change-log publication method. The DirXML Driver for LDAP supports either method. However, the change-log method has performance advantages and is the preferred method when a change log is available.
For information on new features in NsureTM Identity Manager, see "What's New in Identity Manager 2?" in the Novell Nsure Identity Manager 2 Administration Guide.