SA_GLOBAL_CONFIGURATION table

SA_GLOBAL_CONFIGURATION table

The SA_GLOBAL_CONFIGURATION³ table stores information about the shared access global configuration settings. This table has only one row.

Column name Description

ACCESS_MODE Access mode of credentials.

0: Indicates exclusive permissions.
1: Indicates non-exclusive permissions.
2: Indicates non-shared credentials.

MAX_CHECKOUT_DURATION Specifies the duration for which a credential can be checked out. We must specify this attribute if the access is exclusive. Specify the time in weeks, days, or hours by adding the suffix, as described in the following examples:

8 w: Indicates 8 weeks.
8 d: Indicates 8 days.
8 h: Indicates 8 hours.
By default, the duration is considered in hours if no suffix is specified. The default duration is 8 h.

PASSWORD_VIEWABLE Specifies whether to show the credential password to users on ISIM Self-service user interface or the Identity Service Center user interface. We must specify this attribute if the access mode value is 0 (TRUE) or 1 (FALSE). The default value is FALSE, which indicates that the credential password must not be shown.

SHAREDACCOUNT_SEARCH Specifies whether checkout search must be enabled for the credential on the Self-service user interface or the Identity Service Center user interface. The valid values are:

0 for enabling the checkout search.
1 for disabling the checkout search.

PASSWORD_RESET Specifies whether account password to reset when the corresponding checked out credential is checked in. The valid values are:

0: Indicates that the password must be reset.
1: Indicates that password must not be reset.

OPERATION_NAME Specifies the global lifecycle operation that starts the checkout workflow extension.

LEASE_EXP_HANDLING Specifies the value T in the database that indicates that the lease expiration monitoring is enabled. This column is for internal use only.

LEASE_EXP_HANDLING_OPTION Following information:

0 if the Notify Violation option is selected.
1 if the Notify Violation and check in option is selected.

VIOLATION_NOTIFY_PARTICIPANT Recipient who is authorized to receive the lease expiration notifications. The name is stored as specific string in the database that depends on the recipient, for example, SA for Administrator.

NOTIFICATION_PARTICIPANT_DN Distinguished Name (DN) of the recipients whom to notify. The maximum DN character limit is 256 in the database.

SCHEDULE_FREQUENCY_MINUTE Specifies the duration after which we want IBM Security Identity Manager to check for the expired leases. The time is stored in minutes and the default is 60 minutes.

NOTIFY_FREQUESNCY_MINUTE Time interval to send notification to the recipients to remind them about lease expiration. The time is in minutes and the default is 1440 minutes.

^* Indicates the column is required and not null.
³ Indicates the table is added in ISIM 6.0.
Parent topic: Shared access tables

Column name	Description
ACCESS_MODE	Access mode of credentials. 0: Indicates exclusive permissions. 1: Indicates non-exclusive permissions. 2: Indicates non-shared credentials.
MAX_CHECKOUT_DURATION	Specifies the duration for which a credential can be checked out. We must specify this attribute if the access is exclusive. Specify the time in weeks, days, or hours by adding the suffix, as described in the following examples: 8 w: Indicates 8 weeks. 8 d: Indicates 8 days. 8 h: Indicates 8 hours. By default, the duration is considered in hours if no suffix is specified. The default duration is 8 h.
PASSWORD_VIEWABLE	Specifies whether to show the credential password to users on ISIM Self-service user interface or the Identity Service Center user interface. We must specify this attribute if the access mode value is 0 (TRUE) or 1 (FALSE). The default value is FALSE, which indicates that the credential password must not be shown.
SHAREDACCOUNT_SEARCH	Specifies whether checkout search must be enabled for the credential on the Self-service user interface or the Identity Service Center user interface. The valid values are: 0 for enabling the checkout search. 1 for disabling the checkout search.
PASSWORD_RESET	Specifies whether account password to reset when the corresponding checked out credential is checked in. The valid values are: 0: Indicates that the password must be reset. 1: Indicates that password must not be reset.
OPERATION_NAME	Specifies the global lifecycle operation that starts the checkout workflow extension.
LEASE_EXP_HANDLING	Specifies the value T in the database that indicates that the lease expiration monitoring is enabled. This column is for internal use only.
LEASE_EXP_HANDLING_OPTION	Following information: 0 if the Notify Violation option is selected. 1 if the Notify Violation and check in option is selected.
VIOLATION_NOTIFY_PARTICIPANT	Recipient who is authorized to receive the lease expiration notifications. The name is stored as specific string in the database that depends on the recipient, for example, SA for Administrator.
NOTIFICATION_PARTICIPANT_DN	Distinguished Name (DN) of the recipients whom to notify. The maximum DN character limit is 256 in the database.
SCHEDULE_FREQUENCY_MINUTE	Specifies the duration after which we want IBM Security Identity Manager to check for the expired leases. The time is stored in minutes and the default is 60 minutes.
NOTIFY_FREQUESNCY_MINUTE	Time interval to send notification to the recipients to remind them about lease expiration. The time is in minutes and the default is 1440 minutes.