Windows Local and Active Directory: IQService Agent

Note: AD and ADAM require a secure connection (SSL) for any password management activities.

The IQService is a native Windows service that enables IdentityIQ to participate in a Windows environment and access information only available through Win32 APIs. You must install and register an IQService before you can provision to Active Directory, aggregate Terminal Services attributes, collect information from the Windows Event Logs, or load local Windows users or groups through the Direct connectors. This includes provisioning of password changes.

IQService can be installed on an independent Windows computer or on a Windows machine that is a member of a domain. It listens for connections from an IdentityIQ instance and can be used to do one of several things, including:

• Aggregate access to the file shares on the server

• Aggregate local user and group definitions from the independent Windows machine

• Aggregate users and groups from the Active Directory or ADAM domain of which the machine is a member

• Change the passwords for a user who has rights to the independent Windows machine or the domain

The application definition for the Active Directory or Windows Local application must then be configured with the host and port where IQService is installed and listening.