ITIM Service

Use this page to specify information about the ITIM Service.

If you select a service profile for an ITIM Service, complete these fields to connect to the server where the service resides:

Service name

Specifies a name that helps you identify the service instance.

Owner

Specifies the existing user ID of the service owner that administers the service instance.

Click Search to specify the name of the user who owns the service.

If a name exists in this field, click Clear to specify that the service instance does not have an assigned owner.

WebSphere account repository

Specifies the existing account repository used by IBM® Security Identity Manager for authentication.

If IBM Security Identity Manager is installed and configured to use its own custom registry, the default value for the service is ITIM Service.
If IBM Security Identity Manager is installed to use an external user registry that is used by WebSphere Application Server, then:
- If the external user registry is a service that is managed by IBM Security Identity Manager, click Search to locate and specify the service.
  Note: You must create a service for the user registry before you enter the name of the service in this field. If you have not created the service, see the topic Creating services in the IBM Security Identity Manager Administration Guide.
- If the external user registry is not a service that is managed by IBM Security Identity Manager, this field must be empty. Click Clear to remove any value that is in the field.
If IBM Security Identity Manager is installed to use its own custom registry, but you want to change the configuration to use an external user registry, you must reconfigure IBM Security Identity Manager before you modify the value of this field:
1. Complete the instructions in the topic Reconfiguration for authentication with an external user registry in the IBM Security Identity Manager Installation Guide. You can view this document on the IBM Security Identity Manager information center
2. After you complete the reconfiguration:
  - If the external user registry is a service that is managed by IBM Security Identity Manager, click Search to locate and specify the service.
    Note: You must create a service for the user registry before you enter the name of the service in this field. If you have not created the service, see the topic Creating services in the IBM Security Identity Manager Administration Guide.
  - If the external user registry is not a service that is managed by IBM Security Identity Manager, this field must be empty. Click Clear to remove any value that is in the field.

Usage notes:

If the value of WebSphere account repository is not set, or if the value is anything other than ITIM Service, then you cannot change the Identity Manager account password.
If you change the value of WebSphere account repository, you might need to wait a few minutes for the profile of the Identity Manager account to be refreshed in order to see the effective change. In WebSphere cluster environments, the changed value may not be propagated to each node until the next refresh interval of the profiles. If you change WebSphere account repository from ITIM Service to another service, or to no value, the disabling of the password change feature does not take effect until the profile is refreshed.
This property relates to both forgotten password enablement and the WebSphere user registry configuration under which IBM Security Identity Manager is deployed. For the forgotten password feature to function correctly, set this value to the service that corresponds to the configured user repository in WebSphere. This setting determines the account password to change after the challenge questions are answered successfully. If the WebSphere Application Server account repository value is not set, the forgotten password option is not enabled regardless of the setting on the Configure Forgotten Password page and the forgotten password option is not available on the Login page.