Create a manual service type
The first step in this scenario creates a manual service type by adding a schema class to LDAP.
Log on to ISIM administrative console as itim manager.
The insurance company provides reinsurance for a few small satellite companies. Employees in a small accounting department at the insurance company use an old ledger system that interfaces with a department in one of these satellite companies. This ledger system handles the general ledger and also functions as a financial record keeping and reporting system. The old ledger system is slated for removal over the next two years. Management believes that the expense of developing a custom adapter to interface with Security Identity Manager is too great. However, management wants to track people who use the ledger system to facilitate auditing and regulatory compliance initiatives. For this purpose, the system administrator is tasked with creating a manual service. This step creates a manual service type called LedgerSystem. The LedgerSystem service type initially has these account attributes.
Attribute Required employeeNumber Yes. Password Remove this attribute, which is not needed for a ledger system. User ID We cannot change this attribute. Accept the default. employeeName Yes. To create the service type by specifying a new LDAP schema class that has a employeeName attribute for the manual service.
- Log in to the administrative console as an administrator.
- Click Configure System > Manage Service Types.
- On the Manage Service Types page, click Create.
- On the General notebook tab, complete these fields:
- Service Type Name
- Enter LedgerAccount. This value becomes the service type name. Do not include spaces in the name. This name is a new LDAP class that we create during this scenario. Avoid specifying an identical value in the LDAP class and the Service Type Name fields.
- Description
- This field is read-only.
- Service Provider
- Select Manual.
- Click the Service notebook tab:
- LDAP class
- Enter LedgerService. Do not include spaces in the name. This entry is a new LDAP class that we create during this scenario. Avoid specifying an identical value in the LDAP class and the Service Type Name fields.
- Click the Account notebook tab:
- In the LDAP class field, type LedgerProfile. Do not include spaces in the name.
- In the Attributes table, click Add, type each of these attributes in the Attribute name field and then click OK to add each attribute:
Manual service types do not support 'action' as an attribute name. 'action' is a reserved word.
- employeeName
For employeeName, select Required and Directory String.
- employeeNumber
For employeeNumber, select Required and Directory String.
- In the Attributes table, check the Password attribute and click Remove.
- Click OK to create the service type.
- On the Success page, click Close. We might see the following warning message:
CTGIMU817W The attributes were not updated due to the following LDAP warnings: * CTGIMO111E Fail to add or update schema for attribute [employeeNumber]. Reason: [LDAP: error code 80 - Other].
- Click Close.
- On the navigation tree, click Configure System > Manage Service Types. Validate that a LedgerAccount item exists in the Service Type column.
Parent topic: Configuration of a manual service