This documentation supports the 9.0 version of Service Request Management.

To view the latest version, select the version from the Product version menu.

Using Identity Request Management Services

Identity Request Management no longer supported

The Identity Request Management (IRM) module is no longer supported in versions 9.0 and later of BMC Service Request Management. However, IRM continues to be shipped for reference in version 9.0 of BMC Service Request Management.

For more information about the end of life of IRM, see Product announcements.

This topic discusses using Identity Request Management Services. With Identity Request Management requests, employees can request to obtain access rights, to unlock or enable accounts, and to change passwords. Users can also submit requests for other people.

Requests available through Identity Request Management Services

The following requests are included: 

RequestDescription
Request Access RightControls access rights for yourself, people who report to you, or other people in the companies to which you have access rights.
Remove Access RightRemoves access right for yourself or for people who report to you.
Unlock Account Request(Support team members only) Unlocks an account that was locked by a user.
Enable Account Request(Support team members only) Enables an account that an administrator disabled or revoked.
Password Change Request

Changes passwords of all or selected accounts. The request behavior depends on your organization's configuration.

Points to consider

Before you use this request, consider the following points:

  • Depending on the configuration, the request to change a password might also send an automatic request to enable the accounts that are currently disabled.
  • For some systems, it might be necessary to log out and log on again to open accounts after changing the password. The administrator should provide the necessary procedure for the specific systems employed in the organization.
  • Depending on the configuration, account tables can be hidden and a password change affects all the accounts.
  • Before you define new passwords, take into consideration your organization's password policy and password strength policy.

To request access rights

  1. From the request catalog, select Request Access Right.
  2. In the Available Roles section on the Request Access Right form, filter the roles:
    1. In the Role field menu, select Name or Description.
    2. In the With field, enter text by which you want to search.
    3. Click Go.
  3. In the table of available roles, move the roles that you want to connect to the user account to the Roles to Connect list.
  4. To connect the selected roles, click Submit Request.

To request removal of access rights

  1. From the request catalog, select Remove Access Right, and click Request Now.
  2. On the Remove Access Right form, move the appropriate roles from the Connected Roles list to the Roles to Disconnect list.
  3. (Optional) In the Justification field, enter the reason why the access was removed.
  4. Click Submit Request.

To unlock or enable an account

  1. As a member of the Support team, from the request catalog, select Unlock Account Request or Enable Account Request.
    The Unlock Account Request form displays the following account information:
    • Account ID/Name — Name of the user account
    • Target System Name — Name of the server or system where the account is registered
    • Target System Type — Server or system operating system
    • Disabled (revoked) — Indicates whether the account has been revoked
    • Locked — Indicates whether the account is locked
    • Password Required — Indicates whether you must enter a new password when the account is unlocked or enabled
  2. Select the check box next to each account that you want to unlock.
  3. If you select an account that requires a password for unlocking or enabling, enter the password in the New Password and Confirm New Password fields.
  4. Click Submit Request to enable the selected accounts.

To change passwords for all or selected accounts

  1. Review the Points to consider about the Password Change Request.
  2. From the request catalog, select Password Change Request.
  3. On the Password Change Request form, select or clear the check boxes of accounts to indicate for which accounts you want to change the password; to select all of the accounts, click Select All.
  4. Enter values for the following fields:
    • Current Password — Enter your existing identity management backend password. (The current password is displayed. It is required only if the Password Configuration is set to enable it.)
    • New Password — Enter your new password.
      This password must satisfy the requirements for all the systems and applications in which you have user accounts. In addition, a history is kept of your recent passwords and will not allow you to immediately reuse a password.
    • Confirm Password — Retype the new password for verification.
  5. Click Submit Request.

To submit requests for other people

  1. From the request catalog, select one of the following requests:
    • Password Change Request
    • Request Access Rights
    • Unlock Account Request
    • Enable Account Request
    • Remove Access Right 

      A menu with all the company names that the user has access to is displayed and enabled. 

      If you do not have access rights to other companies, but you have people who report to you and you have IRM Manager permissions, you do not see the company menu. However, you can click Person List to view the list of all the people who report to you.

  2. Select the company name, and click Person List.
    The list of people from the company that you select appears.
  3. Select the person for whom you want to request access.
    Use the Name Starts With field to search the list. To view all the people in all the companies that appear in the list, clear the company name and click Person List.
  4. Create the request from the Request Entry console.

Was this page helpful? Yes No Submitting... Thank you

Comments