Password Synchronization plug-ins

You can use the password synchronization solution built with the IBM Security Directory Integrator to intercept password changes on a number of systems.

The IBM Security Directory Integrator provides an infrastructure and a number of ready-to-use components for implementing solutions that synchronize user passwords in heterogeneous software environments.

The intercepted changes can be directed back into:

The same software systems, or
A different set of software systems.

Synchronization is achieved through the IBM Security Directory Integrator AssemblyLines, which can be configured to propagate the intercepted passwords to required systems.

The components that make up a password synchronization solution are: Password Synchronizers, Password Stores, Connectors and AssemblyLines. The Password Synchronizers, Password Stores and Connectors are ready-to-use components included in the IBM® Security Directory Integrator. As a result, implementing the solution that intercepts the passwords and makes them accessible from IBM Security Directory Integrator is achieved by deploying and configuring these components.

The following sections describe the specialized password synchronization components that are currently available.

Password Synchronizers

Password Synchronizer for Windows XP/Vista: Intercepts the Windows login password change.
Password Synchronizer for IBM Security Directory Server: Intercepts IBM Security Directory Server password changes.
Password Synchronizer for Sun Directory Server: Intercepts Sun ONE Directory Server password changes.
Password Synchronizer for Domino®: Intercepts changes of the HTTP password for Lotus® Notes® users.
Password Synchronizer for UNIX and Linux: Intercepts changes of UNIX and Linux user passwords.

Password Stores

LDAP Password Store: Provides the function necessary to store the intercepted user passwords in LDAP directory servers.
JMS Password Store: JMS Password Store (formally known as the MQ Everyplace® Password Store) provides the functionality necessary to store intercepted user passwords in a JMS Provider's Queue from where any JMS client for example, IBM Security Directory Integrator) could read them.
Log Password Store: The Log Password Store is solely used to log any actions that a normal password store would take. This password store is useful for verifying that the Java™ Proxy and the native plug-ins are communicating correctly.

Specialized Connectors

JMS Password Store Connector

Provides the function necessary to retrieve password update messages from IBM WebSphere® MQ Everyplace and send them to IBM Security Directory Integrator.

IBM Security Identity Manager Integration

The Password Synchronization Plug-ins also details the steps required for integration between IBM Security Identity Manager and the following Password Synchronizers:

Sun Directory Server Password Synchronizer,
IBM Security Directory Server Password Synchronizer,
Windows Password Synchronizer, and
Password Synchronizer for UNIX and Linux.

For more information about installing and configuring the IBM Password Synchronization plug-ins, please see the Password Synchronization Plug-ins.