Account management

We can manage accounts for users in ISIM.


Accounts

An account is the set of parameters for a managed resource that defines an identity, user profile, and credentials.

An account defines login information (your user ID and password, for example) and access to the specific resource with which it is associated.

In IBM Security Identity Manager, accounts are created on services, which represent the managed resources such as operating systems (UNIX), applications (WeSphere Application Server), or other resources.

Accounts, when owned, are either individual or sponsored. Individual accounts are for use by a single owner and have an ownership type of Individual. Sponsored accounts are assigned to owners who are responsible for the accounts, but might not actually use them to access resources. Sponsored accounts can have various types of non-Individual ownership types. ISIM supplies three ownership types for sponsored accounts Device, System, and Vendor. We can create additional ownership types for sponsored accounts using the Configure System utility.

Accounts are either active or inactive. Accounts must be active to log in to the system. An account becomes inactive when it is suspended. For example, a request to recertify your account usage might be declined and the recertification action is suspend. Suspended accounts still exist, but they cannot be used to access the system. System administrators can restore and reactivate a suspended account if the account is not deleted.


Account types

An account type represents a managed resource, such as an operating system, a database application, or another application that ISIM manages. For example, an account type might be a WebSphere Application Server application.

Users access these account types by receiving an account on the managed resource. Contact the system administrator for additional information about the account types available in the environment.

Parent topic: User administration