Convert Policy and Schema XML files to CSV

I am in the process of re-writing my documentation scripts, which are somewhat different to the MS MIM Config Documenter, in that mine are designed to run on a workstation, and produce documents in Word format. Where they are much the same however, is long lists of configuration objects by object type, listing their attributes…

Pending Exports reporting script

I’ve just posted an updated version of my PendingExports.ps1 script here. The script parses the pending exports XML file produced by csexport.exe and produces single- and multi-value CSV files that you can import into Excel (split on the semi-colon). I’ve been tinkering with this script for years. This one now includes all current attribute values…

Lithnet AutoSync Trigger Scripting

After many years automating my MIM solutions with Event Broker/UnifyNow, I’m implementing a solution with Lithnet AutoSync. The result is the same event-driven sync as I’m used to, but I’ve had to get used to the different way AutoSync works. I always liked how Event Broker allowed me to integrate PowerShell scripts with run profiles,…

A simple PowerShell way to do Rules-based groups in AD

I’ve been helping a customer along the path towards a proper IAM solution, which has involved a lot of data clean-up, as it so often does. Criteria groups in MIM can encourage data quality as users don’t get the groups they need if their attributes aren’t correct – so I thought, how about getting them…

IAM Maturity and product selection

I have just completed a product selection exercise with a customer who has past experience of a failed solution with one of the Big Vendor products. In doing this I found it useful to refer to the Gartner IAM Maturity Model, because what is the use of fancy (/expensive) features if you don’t actually have…

Sources of Truth – again!

I’ve blogged about sources of truth, and specifically what makes a good one, before (in 2012 and again in 2016) but I’ve recently thought about an important feature of a SoT that I hadn’t included on my list before. So to recap, a good source of truth: is probably one of a number of sources…

Realms of Integration

This is a slightly updated picture from one I posted on twitter the other day. It’s an attempt to express my general view on high level “should be possible” integration conversations that get misunderstood as “clearly simple and straightforward and definitely happening”. In my mind I’m arguing against tightly-coupled integrations between disparate systems that do…

The perils of HR out-sourcing to an IAM solution

Over the years, I’ve been called in a few times when HR and/or payroll functions are being outsourced (or share-serviced, which is much the same thing), and this includes a migration to a new HR platform. Typically I have been brought in far too late in the proceedings when cost-cutting and service-simplification decisions have already…

How IDAM solutions cost you money

Anyone who’s been in the IDAM game for a while knows that IDAM solutions are hard to sell. We can be seen as pushing something customers “already have” – even though what they already have is a combination of manual process, scripts, inconsistent data and a tangled web of access “control” that no one really…

Portrait of a MIM project

I recently deployed a MIM 2016 solution into Production that took about 10 months to build, test and deploy. I decided to take a look at the percentage of overall time spent on broad work categories in the whole project, and that’s what this post is about. First I had to get the data on…