Create ITIM services

Create an instance of an ITIM service from a service type, such as the Linux profile or another adapter profile that we installed. Before creating a service in ISIM, create a service type, or, alternatively, use one of the service types automatically created when we installed ISIM Server.

We can create a service type by importing the adapter profile. Alternatively, add new schema classes and attributes for the service to the LDAP directory. Before creating a service for an adapter, the adapter must be installed, and the adapter profile must be created. If we choose to create a provisioning policy as part of this task, the service is automatically added to the policy as an entitlement. In addition, a membership of “All” is defined for the policy. We can later edit the policy and change the membership after the service is created. The service name and description provided for each service are displayed on the console. Provide values that make sense to your users and administrators.

To create a service instance:

  1. From the navigation tree, click...

    The Create a Service wizard is displayed.

  2. On the Select the Type of Service page, click Search to locate a business unit. The Business Unit page is displayed.

  3. On the Business Unit page:

    1. Enter information about the business unit in the Search information field.

    2. Select a business type from the Search by list, and then click Search. A list of business units that matches the search criteria is displayed.

    3. In the Business Units table, select business unit in which to create the service, and then click OK. The Select the Type of Service page is displayed, and the business unit that you specified is displayed in the Business unit field.

  4. On the Select the Type of Service page, select a service type, and then click Next.

  5. On either the Service Information or General Information page, specify the appropriate values for the service instance. The content of the General Information page depends on the type of service that we are creating. The creation of some services might require more steps.

  6. On the Authentication page, configure authentication (either password-based or key-based) for the service, and then click Next or Finish. The Authentication page is displayed only if we are creating a POSIX service instance.

  7. On the Dispatcher Attributes page, specify information about the dispatcher attributes, and then click Next or OK. The Dispatcher Attributes page is displayed only for IBM Security Directory Integrator based services.
  8. Optional: On the Access Information page, select the Define an Access check box to activate the access definition fields. Select the type of access to enable. Specify the expected access information and any other optional information such as description, search terms, more information, or badges.

  9. On the Status and Information page, view information about the adapter and managed resource, and then click Next or Finish. The adapter must be running to obtain the information.

  10. On the Configure Policy page, select a provisioning policy option, and then click Next or Finish. The policy determines the ownership types available for accounts. The default provisioning policy enables only Individual ownership type accounts. Additional ownership types can be added by creating entitlements on the policy. If we are creating a service for an identity feed, the Configure Policy page is not displayed.

  11. Optional: On the Reconcile Supporting Data page, either do an immediate reconciliation for the service, or schedule a supporting data reconciliation, and then click Finish. The Reconcile Supporting Data page is displayed for all services except for identity feed services.

    The supporting data only reconciliation option retrieves only the supporting data for accounts. The supporting data includes groups defined on the service. The type of supporting data is defined in the adapter guide.

  12. Optional: On the Service Information or General Information page, click Test Connection to validate that the data in the fields is correct, and then click Next or Finish. If the connection fails, contact the analyst who is responsible for the computer on which the managed resource runs.


Results

A message is displayed, indicating that you successfully created the service instance for a specific service type.

Select another services task, or click Close. When the Select a Service page is displayed, click Refresh to refresh the Services table and display the new service instance.

Parent topic: Services administration