How is an object in the IC linked to the corresponding object in a target system?
I am new in SAP NW IDM and I try to understand some basic concepts. I haven't found anything when searching.
How does SAP NW IDM establish a link between objects in IC and objects in target / source systems?
From other IDM tools I am used the concept of storing a link, an ID, an association or whatever you name it of the target system objects in the identity store. This link, ID, association, etc. is used as an access key to the object in the target system for all further commands after creation like modify, rename, delete.
So I expect when creating an object in the target system on success the adapter returns a target system specific unique object identifier (e.g. for AD the GUID, for generic LDAP the FDN, for SAP USER the Username/Bapiname, etc.) which then is stored as the link, ID, association, etc.
I haven't seen this concept in SAP NW IDM neither by investigation the IC schema nor by finding something in other documentations.
Can someone explain how SAP NW IDM finds the right object in the target system to perform the commands and which attribute is used to store this link.
This is done using the dynamic schema (its not part of the default). Whenever you add a connected system, the Initial Load process creates an attribute ACCOUNT<rep.Name> where rep.Name is the name of the system you just connected. On a live system you might have:
By default, this stores the account name of the target system object. You could, if you really wanted to, change it to store some other identified (like AD Guid) but it would involve some work on the provided provisioning framework to make sure it was all in sync.
Hope that helps