IBM Security Identity Manager directory tree
This section describes the ISIM directory tree.The following is a diagram of a basic Security Identity Manager directory tree.
| Container | Description |
|---|---|
| Root Node | Root node where ISIM Server is installed. |
| ou=itim | Stores all pertinent information for the ISIM application. |
| ou=constraints | Stores membership restrictions for various roles and services. |
| erdictionaryname=password | Stores invalid password entries for use with password policies. |
| ou=CompanyName | Name of the company. This container is the parent container for all information about the company in the ISIM system. |
| erglobalid=<GlobalID> | This node stores information of the organization. The company long name can be found in this node. |
| ou=orgChart | Stores the definition of the organizations and organizational units in ISIM. |
| ou=roles | Stores all information for all organizational roles defined in ISIM. |
| ou=workflow | Stores all the workflows designed for use in the ISIM system for the company. |
| ou=services | Stores information about the services installed for use with the ISIM system. |
| ou=accounts | Stores all accounts in the ISIM system. |
| ou=policies | Stores all the defined policies. |
| ou=sysRoles | Stores all information about the ISIM Groups defined in ISIM. |
| ou=orphans | Stores all orphan accounts retrieved during reconciliation. |
| ou=people | Stores all information about Persons in ISIM. |
| ou=credCatalog2 | Stores information about credentials and credential pools |
| ou=itim | This container is the parent container for system-specific information. |
| ou=category | Stores lifecycle management operations for an entity type. Only Person and Account are supported. Global represents the system operation. |
| ou=objectProfile | Stores the object profiles required for the system to recognize a managed resource as an entity (person, organizational unit, location). |
| ou=serviceProfile | Stores the service profiles required for the system to recognize a managed resource as a service. |
| ou=operations | Stores information about workflow operations (such as add, modify, delete, suspend, and transfer) with Security Identity Manager. |
| ou=lifecycleProfile | Stores all information about the lifecycle characteristics defined at the entity (instance) level. |
| ou=assemblyLine | Stores all information about the configuration for the IBM Security Directory Integrator adapter. |
| ou=config | Stores all the information about the workflow configurations. |
| ou=excludeAccounts | Stores all the information about which accounts are to be excluded during reconciliation. |
| ou=recycleBin | Stores entities deleted from the system by the administrative console. |
| ou=systemUser | Stores information about system users. |
| ou=formTemplates | Stores information about the various forms and the form templates used in the system. |
| ou=joinDirectives | Stores all the information about the provisioning policy join directives. |
| ou=privilegeRule | Stores information that determines whether the difference between an account value and what is dictated by a provisioning policy requires revoking or granting privileges. |
| cn=challenges | Stores all information about the password challenge and response feature. |
| ou=accessType1 | Stores information about access types. |
| ou=policies1 | Stores information about account defaults for each service. |
| ou=ownershipType2 | Stores information about ownership types. |
2 Indicates that the container is added in Version 6..
Parent topic: IBM Security Directory Server schema and class reference