FIM Newbies – please also look at the “old” sync methods before making a decision

There’s a lot of interest in FIM, and that’s great – but I worry about all the focus on the codeless sync rules, which I’m not a fan of. Meanwhile behind it we have the best, most efficient and most flexible sync engine out there, now in 64-bits, and ready to do all sorts of impressive feats of provisioning and synchronizing, if you just put the time into learning how to configure it properly.

Here’s why I don’t like codeless sync rules (aka “Declarative Provisioning”):

  • They don’t do everything you need,
  • The whole Sync Rule – Workflow – MPR combination will get overly complex once you have a few different scenarios on the go,
  • It’s difficult to troubleshoot,
  • It adds extra objects (EREs and DREs) to slow down the sync – and the FIMMA is slow enough already,
  • It requires CALs, which will put it out of the price range for a lot of people anyway.

There are already plenty of questions on the forum along the lines of “How can I do x with codeless?” And more often than not the answer is “You can’t – but you can do it with a coded sync rule”. The fact is, to get the most out of this product you must, must, must learn about the ILM/MIIS ways of programming the Sync Service. And you may even find that it’s enough for your needs, and you can do without the CALs for now.

If you’d like to learn some more about traditional ILM methods then these posts are a good place to start: http://www.wapshere.com/missmiis/new-to-ilm-start-here

About: Carol

I've been doing IT for 30 years, and IdM for 15. I live in Australia and build IdM solutions based on Microsoft Identity Manager. I also play the violin, but that doesn't help much with the IdM solutions.