IBM Security Identity Manager Accounts

An account is the set of parameters for a managed resource that defines an identity, user profile, and credentials. An account defines login information (user ID and password, for example) and access to the specific resource with which it is associated. With IBM Security Identity Manager, accounts are created on services, which represent the managed resources. Such resources might be operating systems (UNIX), applications (WebSphere Application Server), or other resources.

Accounts, when owned, are either individual or sponsored. Individual accounts are for use by a single owner and have an ownership type of Individual. Individual accounts can be further categorized by using the account category feature such that certain categories can be excluded from Password Synchronization. Sponsored accounts are assigned to owners who are responsible for the accounts, but might not actually use them to access resources. Sponsored accounts can have various types of non-Individual ownership types. ISIM supplies three ownership types for sponsored accounts Device, System, and Vendor. We can use the Configure System utility to create additional ownership types for sponsored accounts. The same utility can also be used to create account categories for Individual accounts.

Accounts are either active or inactive. Accounts must be active to log in to the system. An account becomes inactive when it is suspended. Suspension can occur if a request to recertify your account usage is declined and the recertification action is suspend. Suspended accounts still exist, but they cannot be used to access the system. System administrators can restore and reactivate a suspended account if the account is not deleted.

Parent topic: People overview