Service types

A service type is a category of related services that share schemas. Service types define the schema attributes that are common across a set of similar managed resources. Service types are profiles, or templates, that create services for specific instances of managed resources. For example, we might have several Lotus Domino servers that users need access to. Create one service for each Lotus Domino server with the Lotus Domino service type. In previous versions of IBM Security Identity Manager, a service type was called a service profile.

Some service types are installed by default when Security Identity Manager is installed. Other service types can be installed when we import the service definition files for adapters for managed resources. A service type definition is provided by the ISIM adapter for a managed resource. There is a service type for each type of managed resource that ISIM supports. Some examples are UNIX, Linux, Windows, and IBM Security Access Manager.

A service type is defined in the service definition file of an adapter profile, which is a Java Archive (JAR) file containing the profile. The service type for an adapter is created when the adapter profile (JAR file) is imported. For example, a service type is defined in the WinLocalProfile.jar file. We can also define a service type with the interface for Security Identity Manager.


Default service types

Identity feed service types

IDI Data Feed service: Uses the Security Directory Integrator to import user data, with no account data, into Security Identity Manager and to manage accounts in the ISIM data store on external resources. This service is based on the IDI Data Feed Service Profile.

DSML Identity Feed service: The Directory Services Markup Language identity feed service imports user data, with no account data, from a human resources database or file. The service feeds the information into the ISIM directory. The service uses a placement rule to determine where in the organization a user is placed. The service can receive the information in one of two ways: a reconciliation or an event notification. This service is based on the DSML Identity Feed Service Profile. DSMLv2 is deprecated in ISIM Version 5.0 in favor of the remote method invocation (RMI)-based IDI adapter framework. The use of DSMLv2 continues to be supported in this release.

AD Identity Feed Service: Imports user data from Windows Active Directory. The organizationalPerson objects are fed into Security Identity Manager and add or update users in Security Identity Manager. The user profiles that are selected from this service must have an objectclass that is derived from the organizationalPerson class.

CSV Identity Feed Service: Imports user data from a comma-separated value (CSV) file and adds or updates users in Security Identity Manager. A CSV file contains a set of records that are separated by a carriage return/line feed (CR/LF) pair (\r\n). Each record contains a set of fields that are separated by a comma. If a field contains either a comma or a CR/LF, the field must be escaped by enclosing it in double quotation marks. The first record in the CSV source file defines the attributes that are provided in each of the following records. Attributes must be valid based on the class schema for the selected person profile for this service.

INetOrgPerson Identity Feed: Imports user data from the LDAP directory. The inetOrgPerson objects are loaded and add or update users in ISIM.
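
The CSV Identity Feed Service rules above can be checked before a file is handed to the feed. The following pre-import check is an added example, not IBM or ISIM code: the function name `validate_feed`, the attribute lists, and the sample records are assumptions made for illustration, and the real attribute list comes from the class schema of the person profile selected on the service.

```python
import csv
import io

# Assumption: attribute names allowed by the class schema of the selected
# person profile (a small inetOrgPerson subset, for illustration only).
ALLOWED_ATTRS = {"uid", "cn", "sn", "givenname", "mail", "title", "postaladdress"}
REQUIRED_ATTRS = {"cn", "sn"}  # mandatory attributes of inetOrgPerson


def validate_feed(raw: bytes):
    """Parse a CSV identity feed; return (list of person dicts, list of errors)."""
    # newline="" passes CR/LF through untouched, so a quoted field can carry
    # an embedded comma or CR/LF without ending the field or the record.
    stream = io.StringIO(raw.decode("utf-8"), newline="")
    try:
        rows = list(csv.reader(stream, strict=True))
    except csv.Error as exc:
        return [], [f"malformed CSV: {exc}"]
    if not rows:
        return [], ["feed is empty: the first record must name the attributes"]

    header = [name.strip().lower() for name in rows[0]]
    errors = []
    for name in header:
        if name not in ALLOWED_ATTRS:
            errors.append(f"header: attribute '{name}' is not in the person schema")
    if len(set(header)) != len(header):
        errors.append("header: duplicate attribute name")
    for name in sorted(REQUIRED_ATTRS - set(header)):
        errors.append(f"header: required attribute '{name}' is missing")

    people = []
    for number, row in enumerate(rows[1:], start=2):
        if len(row) != len(header):
            errors.append(f"record {number}: {len(row)} fields, expected {len(header)}")
            continue
        people.append(dict(zip(header, row)))
    return people, errors


# Constructed sample feed: record 2 quotes a comma, record 3 quotes a CR/LF,
# record 4 has an unquoted comma that splits 'cn' into two fields.
SAMPLE = (
    b"uid,cn,sn,postaladdress\r\n"
    b'jdoe,"Doe, Jane",Doe,1 Main St\r\n'
    b'asmith,Al Smith,Smith,"2 Oak Ave\r\nSuite 5"\r\n'
    b"bwong,Wong, Bo,Wong,3 Elm Rd\r\n"
)
```

Records that fail the field-count check are reported and skipped rather than loaded, so an unquoted comma cannot shift values into the wrong attributes.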


Account service types

SDI-based account service: This service type can be optionally installed during the installation of Security Identity Manager. All of these services are SDI-based adapters; each is a specific service type. Security Directory Integrator is one type of service provider. There can be multiple service types defined for the same type of service provider.

ITIM Service: Creates accounts in the ISIM system. This service represents ISIM itself and is a standard service with no configuration parameters. All users that need access to the ISIM system must be provisioned with an ISIM account.

Hosted Service: Creates a service that is a proxy to the hosting service that is in the service provider organization.

The hosted service connects to the managed resource target through the hosting service indirectly. The configuration details of the hosting service are invisible and protected from administrators in the secondary organization where the Hosted Service is defined. Administrators can define policies for the hosted service, specifically, without affecting the hosting service. The primary usage of a Hosted Service is to allow users in business partner organizations to have accounts and access to internal IT resources of an organization. A Hosted Service allows administrators in the secondary organization to define specific service policies for the user accounts.

Custom Java class service: Defines our own implementation of a service provider.

Manual service: Creates a manual service.
