Skip to content


Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time

IBM Security Identity Manager Schedule Inspector

This script answers the question "what will ISIM do and when?". It does so by intelligently decoding the scheduled events table in ISIM. Useful for a mass export of the recon schedules, finding out next steps for in-flight workflows, checking for inconsistencies in the table etc.

The scripts creates a table digest, a cleanup SQL script and and a full binary dump:

  • scheduled_message_digest.csv - a readable, CSV formatted digest of the scheduled_message table
  • scheduled_message_cleanup.csv - SQL script to remove invalid references and obsolete entries
  • scheduled_message.dump - raw, but decoded and unzipped dump of the messages from the table, for indepth investigations.


This is a jython script, that uses ISIM settings and libraries for connecting to the underlying DB and LDAP.

  1. First, create subfolders under the current folder: isim/data, isim/data/keystore and isim/lib

  2. Copy the following property files from the isim\data folder to the local isim\data folder

  • - anchor properties, hardcoded and points to all other properties
  • - core ISIM properties, control password encryption and storage
  • - DB connection properties
  • - LDAP connection properties
  • - necessary for ISIM to 'translate' messages to the default locale
  • - optional, tells where to save logging and at what level. Change handler.file.fileDir and logger.trace.level
  • - access key to the keystore

If your DB/LDAP creds are encrypted and stored in a keystore copy the appropriate isim keystore from isim\data\keystore to the new keystore folder

  1. Copy the following libraries from isim\lib and jre\jre\lib to the local isim\lib folder
  • itim_common.jar - common ITIM functions (EncryptionManager and PropertiesManager)
  • itim_server.jar - java reflector for, and other ISIM server classes
  • jlog.jar- logger for itim_server and others
  • j2ee.jar- javax.ejb, used by the itim server classes
  • aspectjrt.jar - org.aspectj, used by the itim server classes
  • enroleagent.jar -, used by the itim server classes
  • ibmjceprovider.jar (from IBM JVM jvm/lib/ext) -
  • ibmpkcs.jar (from IBM JVM jvm/lib/) -
  • db2jcc.jar or other appropriate jar - your JDBC driver


jython -J-cp "isim/data;isim/lib/*"

Tested on Win7

How it works

The scheduled_message records are created at the time of an job object creation, or whenever it needs to be rescheduled. The events in are processed by an ISIM spooler periodically. The source of the event is in the LDAP, while it's periodic component is in this table. This script goes over all the records in the table and correlates it with the LDAP records. More documentation of the table is in the ISIM 6.0 Database and Directory Server Schema Reference document.


IBM Security Indentity Manager scheduled events export and review







No releases published


No packages published