Modify the default provisioning policy

The next step is to modify the default provisioning policy for IBM Security Identity Manager.

Log on to ISIM admin console as itim manager.

A provisioning policy grants access to one or more managed resources. We use provisioning policies to define or set required attributes. In this task, ISIM admin sets up a provisioning policy. This action automates the provisioning of users into the system when the DSML feed is reconciled. It provides users with a standard password so that they can log on later to do tasks related to their user type. This process is a simplified example of how ISIM fits into an HR on-boarding process.

To modify the default provisioning policy for the ISIM service.

  1. Log on to the administrative console as an administrator.

  2. Click Manage Policies > Manage Provisioning Policies.

  3. On the Manage Provisioning Policy page, click Search. A list of all provisioning policies is shown.

  4. In the Provisioning Policies table, click Default provisioning policy for ITIM.

  5. On the General notebook page, ensure the policy status is set to Enable. Click the Entitlements tab.

  6. On the Entitlements notebook page:
    1. Ensure that there is an entitlement named ITIM Service with a target type of Specific Service and a provision option of Automatic. If the provisioning option is set to Manual, a user account cannot be created when the DSML feed is reconciled and people are populated into the system.
    2. Check the box next to ITIM Service and click Parameters.

  7. On the Entitlement Parameter page, click Create.

  8. On the Add New Parameter page, go to the attribute table page, check the box next to Password and click Continue.

  9. On the Define Constant page, type secret as the password and click Continue. This procedure sets the default password of secret for all users provisioned to ITIM Service. In a production environment, do not create a standard password for all users in a provisioning policy. It creates security vulnerabilities.

  10. On the Entitlement Parameter page, click Continue.

  11. On the Entitlements notebook page, click Submit.

  12. On the Schedule page, click Submit.

  13. On the Success page, click Close.

Parent topic: People and ISIM account provisioning