Scenario: Assign users to ISIM default groups

The next step is to assign users to ISIM groups.

We must first be logged on to ISIM administrative console as itim manager.

Groups provide a way to manage what tasks can be done by a specific user in ISIM. Groups use views to control what tasks are available. We can create our own views, create a group that has those views defined, and assign users to the group. Users can be assigned to more than one group. For new groups, we also need to set permissions through access control items. ISIM comes with five default groups: Manager, System Administrator, Service Owner, Help Desk Assistant, and Auditor.

While an administrator might initially set up and assign users to the default groups, a help desk or service owner often does this work. Users in this scenario are assigned to the following default groups:

User	Group
Michael Manager	Manager
Mike Sysadmin	System Administrator
James Owner	Service Owner
Janice Helpdesk	Help Desk Assistant
Jeff Auditor	Auditor
Vic PrivAdmin	Privileged Administrator
Jane PrivUser	Privileged User

Assign users to default groups

1. Log on to the administrative console as an administrator.

2. From the navigation tree, click Manage Groups.

3. On the Select a Service page:

   1. In the Search information field, type "ITIM Service".

   2. In the Search by field, specify to search against services.

   3. Select ITIM from the Search type list and then click Search.

      ITIM Service is shown.

   4. In the Services table, select ITIM Service and then click Continue.

4. On the Select Group page, to view the groups that exist for ITIM Service:

   1. In the Search information field, type Manager.

   2. In the Search by field, specify to search against group names or descriptions and click Search.

   3. In the Groups table, click the icon () next to Manager and click Add Members.

5. On the Add Members page:

   1. In the System account information field, type Michael Manager and click Search.

   2. Mark the check box next to the user Michael Manager and click OK.

6. On the Confirm page, click Submit.

7. On the Success page, click the link next to Return to the list of groups I was working with.

8. Repeat these steps for the other users and assign them to their respective groups as provided in the table.

Parent topic: People and IBM Security Identity Manager account provisioning