8-12
UserGuide for Cisco Digital Media Manager5.4.x
OL-15762-05
Chapter8 Authentication and Federated Identity
Concepts
Synchronization (Replication) Overview
Note MicrosoftActive Di rectory is the only LDAP implementation that we support in this release.
When you choose LDAP authentication or SSO authentication, user account data originates from your
ActiveDirectory server. However, CiscoDMS does not synchronize (replicate) this data automatically,
in real time. Instead, we cache it. Therefore, you must re synchronize user account data when you think
it is appropriate to do so. You can:
Resynchronize manually.
Schedule synchronizations to recur in the future at set intervals.
DMS-Admin synchronizes all user accounts in the Active Directory “user base” that your filter specifies,
except users whose accounts are disabled on your ActiveDirectory server.
Synchronization Types
Note MicrosoftActive Di rectory is the only LDAP implementation that we support in this release.
We support four types of ActiveDirectory synchronization in LDAP mode or federation mode.
Initial Update Overwrite Delete
Runs a one-time
synchronization for a
new filter that you never
synchronized
previously.
Runs an incremental,
fast update to find and
make up for any
differences between
user accounts that
match your
ActiveDirectory filter
and your local copy of
those user accounts.
Overwrites your local
copy of user accounts
that correspond to your
Active Directory filter
with new copies of
those user accounts. In
addition, deletes your
local copy of each user
account that has been
deleted from
Active Directory since
the last time that you ran
a synchronization.
Deletes your local copy
of user accounts that
correspond to a defined
Active Directory filter
and deletes the entry for
that filter from
DMS-Admin.