Creating services

Create an instance of a service from a service type, such as the Linux® profile or another adapter profile that you installed.

Before you begin

Depending on how your system administrator customized your system, you might not have access to this task. To obtain access to this task or to have someone complete it for you, contact your system administrator.

Before you can create a service in IBM Verify Identity Governance, you must create a service type. Alternatively, use one of the service types that were automatically created when you installed the Verify Identity Governance Server. You can create a service type by importing the adapter profile. Alternatively, you can add new schema classes and attributes for the service to your LDAP directory. Before you can create a service for an adapter, the adapter must be installed, and the adapter profile must be created.

About this task

If you choose to create a provisioning policy as part of this task, the service is automatically added to the provisioning policy as an entitlement. In addition, a membership of “All” is defined for the provisioning policy. You can later edit the provisioning policy and change the membership after the service is created.

The service name and description that you provide for each service are displayed on the console. Therefore, it is important to provide values that make sense to your users and administrators.

To create a service instance, complete these steps:

Procedure

  1. From the navigation tree, click Manage Services.
    The Select a Service page is displayed.
  2. On the Select a Service page, click Create.
    The Create a Service wizard is displayed.
  3. On the Select the Type of Service page, click Search to locate a business unit.
    The Business Unit page is displayed.
  4. On the Business Unit page, complete these steps:
    1. Type information about the business unit in the Search information field.
    2. Select a business type from the Search by list, and then click Search.
      A list of business units that matches the search criteria is displayed.
      If the table contains multiple pages, you can:
      • Click the arrow to go to the next page.
      • Type the number of the page that you want to view and click Go.
    3. In the Business Units table, select business unit in which you want to create the service, and then click OK.
      The Select the Type of Service page is displayed, and the business unit that you specified is displayed in the Business unit field.
  5. On the Select the Type of Service page, select a service type, and then click Next.
    If the table contains multiple pages, you can:
    • Click the arrow to go to the next page.
    • Type the number of the page that you want to view and click Go.
  6. On either the Service Information or General Information page, specify the appropriate values for the service instance.
    The content of the General Information page depends on the type of service that you are creating. The creation of some services might require more steps.
  7. On the Authentication page, configure authentication (either password-based or key-based) for the service, and then click Next or Finish.
    The Authentication page is displayed only if you are creating a POSIX service instance.
  8. On the Dispatcher Attributes page, specify information about the dispatcher attributes, and then click Next or OK.
    The Dispatcher Attributes page is displayed only for IBM® Security Directory Integrator based services.
  9. Optional: On the Access Information page, select the Define an Access check box to activate the access definition fields. Select the type of access you want to enable.
    Specify the expected access information and any other optional information such as description, search terms, more information, or badges.
  10. On the Status and Information page, view information about the adapter and managed resource, and then click Next or Finish.
    The adapter must be running to obtain the information.
  11. On the Configure Policy page, select a provisioning policy option, and then click Next or Finish.
    The provisioning policy determines the ownership types available for accounts. The default provisioning policy enables only Individual ownership type accounts. Additional ownership types can be added by creating entitlements on the provisioning policy.
    Note: If you are creating a service for an identity feed, the Configure Policy page is not displayed.
  12. Optional: On the Reconcile Supporting Data page, either do an immediate reconciliation for the service, or schedule a supporting data reconciliation, and then click Finish.
    The Reconcile Supporting Data page is displayed for all services except for identity feed services.

    The supporting data only reconciliation option retrieves only the supporting data for accounts. The supporting data includes groups that are defined on the service. The type of supporting data is defined in the adapter guide.

  13. Optional: On the Service Information or General Information page, click Test Connection to validate that the data in the fields is correct, and then click Next or Finish.
    If the connection fails, contact the analyst who is responsible for the computer on which the managed resource runs.

Results

A message is displayed, indicating that you successfully created the service instance for a specific service type.

What to do next

Select another services task, or click Close. When the Select a Service page is displayed, click Refresh to refresh the Services table and display the new service instance.