Microsoft Identity Integration Server 2003 Developer Reference

About Rules Extensions

Microsoft Identity Integration Server 2003 has a flexible synchronization rules engine that allows you to process identity data between your connected data sources and the metadirectory according to your business rules. Your business rules are expressed as synchronization rules in Microsoft Identity Integration Server 2003 either as declarative rules or through rules extensions.

Declarative rules are synchronization rules that are configured through the Identity Manager of Microsoft Identity Integration Server 2003. For business rules that are beyond declarative rules, you can use a rules extension to express otherwise complex logic in a well-structured form.

Both declarative rules and rules extensions coexist to provide you with the flexibility of choosing the appropriate method for a given scenario. The following list shows some of the rules that can be expressed in rules extensions:

Apply sophisticated filters that use logic applied to specified attribute values and conditions to control data flow into the metaverse.
Resolve complex object conflicts.
Resolve unwanted object joins between the connector space and the metaverse.
Handle attribute precedence.
Transform and convert attribute values between connected data sources.
Provision objects in the metaverse to export the attribute values to other connected data sources.
Implement new business rules on existing connector space objects and metaverse objects.

A rules extension is a .NET Framework assembly implemented in the form of a dynamic link library (.dll) file. You can create a rules extension using any programming language and compiler that creates a .NET Framework assembly. For more information, see Creating Rules Extensions.

Type of Rules Extensions

The following types of rules extensions are supported by Microsoft Identity Integration Server 2003.

Rule extension	Description
Management agent	Used on data that flows between the connector space and the metaverse, such as data transformations, join rules, and deprovisioning. Each management agent can have only one rules extension.
Metaverse	Used on data that flows between the metaverse and connector space in response to a change in the metaverse, such as when an attribute value changes or a link is added or removed from a metaverse object. For example, you can use a metaverse rules extension to create provisioning rules to ensure that all the connected system objects contain the unified identity data that is stored in the metaverse. You can have only one metaverse rules extension.

Rule extension

Description

Management agent

Used on data that flows between the connector space and the metaverse, such as data transformations, join rules, and deprovisioning. Each management agent can have only one rules extension.

Metaverse

Used on data that flows between the metaverse and connector space in response to a change in the metaverse, such as when an attribute value changes or a link is added or removed from a metaverse object. For example, you can use a metaverse rules extension to create provisioning rules to ensure that all the connected system objects contain the unified identity data that is stored in the metaverse. You can have only one metaverse rules extension.

Rules extensions are called when identity data is processed. For more information, see How Rules Extensions Are Called. To see how the synchronization rules map to the rules extension methods, see Synchronization Rules Mapped to Rules Extension Methods.

Accessing Objects

Objects in the connector space and metaverse are created from the following classes.

Class	Object
CSEntry	Connector Space Object
MVEntry	Metaverse Object

Most of the classes in the Microsoft.MetadirectoryServices namespace are related to these two objects.