Chapter 1. Business context for evolutionary integration 11
One-to-many data flow
The illustration does not fully describe the
combinations that are possible in
one-to-many scenarios. The main point is
that data needs to be updated,
maintained or created in several places.
For example, as e-mail addresses are
added in the e-mail directory, Tivoli
Directory Integrator ensures that this is
updated in the single sign-on directory for authentication purposes. However, the
ERP system also likes to subscribe to this information as it is used in automated
ERP-based messages to employees. So in this example, Tivoli Directory
Integrator would update both the SSO directory as well as the ERP system as
part of a data flow. Another example is propagating password changes in a
directory to a number of other directories.
In one-to-many data flows it is important to consider what could happen if a flow
was interrupted and data not updated in all systems as was expected. In
transactional systems, roll-back is used to reset the involved systems to the state
they had before the data flow started. However, in most identity synchronization
projects, this is not much of a problem since the entire data flow can be
repeated—it is not like transferring the same amount of money twice to another
bank account. However, roll-back or compensating logic can be added to a Tivoli
Directory Integrator solution should this be required.
1.5 Business and technical scenarios
The previous section looked at synchronization concepts in general. Also, some
of the benefits of synchronization were discussed in another section. Now we
investigate some real-life scenarios to illustrate the business context. The
examples below are intended to bring them to life so that the reader can more
readily recognize and identify synchronization opportunities when faced with a
new business or technical deployment challenge. The fictional company PingCo
is used to illustrate the scenarios. Let us now look at a few identity use cases to
illustrate the issues that throw wrenches into the machinery that organizations
have spent years building.
1.5.1 Multiple existing directories and security concern
PingCo is building a portal that will be used by both employees and external
customers. PingCo has already implemented separate employee and business
partner directories, but the employee directory is on the corporate intranet and
will not be made accessible to non-VPN external users. The portal will be placed
Directory
TDI
File
Database
email
Directory
Directory
TDI
File
Database
email
Directory
Get Robust Data Synchronization with IBM Tivoli Directory Integrator now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
