It is not fully clear from you question which ISVG component you are using - but as you mention "adoption/provisioning policy" I assume you are using the Identity Manager component (aka as ISIM in earlier versions).
Can you please clarify why you cannot write an adoption policy ? Be aware there are 3 levels of adoption policies :
- under "Configure System" "Global Adoption Policies" you can define a fully global policy (Service type ="*") or per specific Service Type
- Specific adoption policy for a Service is under "Manage Policies" "Manage Adoption Policies"
You cannot write a provisioning policy for a service - that is not how Identity Manager works. The entry point for any provisioning policy is an Organizational Role - these can be Static (person are added/removed by some action) or Dynamic (persons are added based on person object attributes).
When you create a provisioning policy you start out defining the population ("Members") - which in most cases should be a role - there are "special" roles such as "All users in the organization" - do not use those unless you know what you are doing - Organizational Roles are what you want to drive the process.
The entitlement is then where you point to the services you want to user - and that is here most people are having problems. First - you should use "Specific Service" in most cases (the other options are coming with a can of worms and only if you are really understanding how the system is working you can utilize the other options). If the service is not showing up it is because you are trying create a policy in a ISIM organizational container (e.g. Organizational Unit) that is not in the same or above the container your service is residing in - go back to the "General" policy folder and fix that (you should design an OU structure BEFORE starting provisioning activities..)
Each entitlement will then carry 0 to N parameters where you specify the behavior of the policy EVALUATION - the policy enforcement specified on the Service entity will perform what you need (default is "Mark" - to have automated closed loop provisioning the service will need to "Correct Compliance"..
This is very short intro to Provisioning Policies - please go through the formal documentation and other resources available on the WWW if you need to deep dive into it.
HTH
------------------------------
Franz Wolfhagen
IAM Technical Architect for Europe - Certified Consulting IT Specialist
IBM Security Expert Labs
------------------------------