Creating a service that has manual connection mode

If you did not install the adapter for the managed resource, use this task to create an instance of a service. You can use the manual connection mode to manage account requests instead of creating a manual service. After you install the adapter, you can change the connection mode from manual to automatic.

Before you begin

Depending on how your system administrator customized your system, you might not have access to this task. To obtain access to this task or to have someone complete it for you, contact your system administrator.

To create a service in IBM Verify Identity Governance, you must create a service type. Alternatively, use one of the service types that were automatically created when Verify Identity Governance Server was installed. To create a service type either:
  • Import the adapter profile, or
  • Add the new schema classes and attributes for the service to your LDAP directory

You must add the erconnectionmode attribute to the customized form for the service type to enable connection mode. See Enabling connection mode.

About this task

This task is for creating a service with manual connection mode before the adapter is installed. After the adapter installation, to create a service with an automatic connection, select Automatic and follow the task for creating a service. See Creating services.

If you choose to create a provisioning policy as part of this task, the service is automatically added to the provisioning policy as an entitlement. In addition, a membership of All is defined for the provisioning policy. You can later edit the provisioning policy and change the membership after the service is created.

The service name and description that you provide for each service are displayed on the console. Therefore, it is important to provide values that make sense to your users and administrators.

To create a service instance that has manual connection mode, complete these steps:

Procedure

  1. From the navigation tree, click Manage Services.
    The Select a Service page is opened.
  2. On the Select a Service page, click Create.
    The Create a Service wizard is opened.
  3. On the Select the Type of Service page, click Search to locate a business unit.
    The Business Unit page is opened.
  4. On the Business Unit page, complete these steps:
    1. Type information about the business unit in the Search information field.
    2. Select a business type from the Search by list, and then click Search.
      A list of business units that matches the search criteria is displayed.
      If the table contains multiple pages, you can:
      • Click the arrow to go to the next page.
      • Type the number of the page that you want to view and click Go.
    3. In the Business Units table, select business unit in which you want to create the service, and then click OK.
      The Select the Type of Service page is opened, and the business unit that you specified is shown in the Business unit field.
  5. On the Select the Type of Service page, select a service type, and then click Next.
    If the table contains multiple pages, you can:
    • Click the arrow to go to the next page.
    • Type the number of the page that you want to view and click Go.
  6. On either the Service Information or General Information page, specify the appropriate values for the service instance. Then, click Test Connection to validate that the data in the fields is correct.
    If the connection fails, contact the analyst who is responsible for the computer on which the managed resource runs.
    Note: The content of the Service Information or General Information page depends on the type of service that you are creating. The creation of some services might require more steps.
  7. For the Connection mode option, select Manual.
    Selecting Manual enables the Participants page, the Messages page, and a different Reconciliation page in the navigation area.
    Note: This option is available only if the erconnectionmode attribute is added to the service form. Connection mode is not supported on the ITIM Service or any type of identity feed service, hosted service, or manual service types. For information about adding the erconnectionmode attribute, see Enabling connection mode.
  8. On the Users and Groups page, specify user and group information for the service.
    Note: The Users and Groups page is opened only if you are creating certain service instances.
  9. On the Authentication page, configure authentication (either password-based or key-based) for the service, and then click Next or Finish.
    Note: The Authentication page is displayed only if you are creating a POSIX service instance.
  10. Optional: On the Dispatcher Attributes page, specify information about the dispatcher attributes, and then click Next or Finish.
    Note: The Dispatcher Attributes page is displayed only for Directory Integrator-based services.
  11. Optional: On the Access Information page, select the Define an Access check box to activate the access definition fields. Select the type of access you want to enable.
    Specify the expected access information and any other optional information such as description, search terms, more information, or badges.
  12. Optional: On the Status and Information page, you can view information about the adapter and managed resource, and then click Next or Finish.
  13. On the Participants page, specify the users who are involved in completing the activities for the manual service. Specify the amount of time before the service is escalated. Click Next.
  14. Optional: On the Messages page, complete these steps, and then click Next or Finish:
    1. Select the default email message that you want to change, and then click Change.
      The Change Message page is opened.
    2. Modify the Subject and Body fields, and then click OK.
  15. On the Configure Policy page, select a provisioning policy option, and then click Next or Finish.
    The provisioning policy determines the ownership types available for accounts. The default provisioning policy enables only the Individual ownership type accounts. Additional ownership types can be added by creating entitlements on the provisioning policy.
    Note: If you are creating a service for an identity feed, the Configure Policy page is not opened.
  16. Optional: On the Reconciliation page, click Browse to locate the reconciliation file, and then click Upload File to load the new reconciliation file.
    You can also choose whether to reconcile supporting data only.
    Note: The file type that is supported for the reconciliation file is CSV. For more information, see Example comma-separated value (CSV) file.

Results

A message is shown, indicating that you successfully created the service instance for a specific service type.

What to do next

Select another services task, or click Close. When the Select a Service page is opened, click Refresh to refresh the Services table and display the new service instance.