Adventures in identity management
Regular readers of this blog will know that, a few months ago, I made a big move from Europe back to my native Australia. All our stuff finally turned up a couple of weeks ago, and while looking for something else on a harddrive I came across this recording I made which demonstrates part of…
I had numerous great chats at TechEd Australia about enterprise identity management and Office 365. This is a particular subject of interest to me, after the big, complex BPOS project I worked on for the last 18 months. I don’t believe there’s any official guidance on how to prepare identities for Office 365 in a…
I wanted to follow up the BPOS Powershell Activity with an explanation of why I’m running some of the powershell actions in the Authorization phase.
Here’s something I’ve been promising to post for a while – my BPOS Powershell Activity.
I got a lot of questions about this at my TEC session where I demonstrated the work I’ve been doing to configure the FIM Portal as a front-end for BPOS administrative tasks. I don’t think I answered as well as I could have, so I’m going to lay it all out in this post: why…
The FIM Sync Service allows passwords to be synchronised from a source AD account to the user’s accounts in other systems. The sync is done at the point of password change and relies on the Password Change Notification Service, which you must install on your domain controllers. Many target systems are supported OOB, but for BPOS you…
This year I have been working on a large BPOS project, with 17000 mailboxes being migrated from a variety of source mail systems. As is currently obligatory for such an installation, we use DirSync to synchronise users, groups and contacts from a source AD to BPOS. So while I don’t need my own BPOS MA…
This one drove me crazy for a good while: I had been running the BPOS cmdlets just fine using my own account (and here I mean my local domain account, not the BPOS account) but when I switched to using a different account the BPOS cmdlets would not work. Essentially I was running a bunch…
One of the requirements for FIM 2010 is to have an email server (preferably Exchange 2007-2010) for notifications and other email-based functionality. But what do you do if you’ve migrated to a cloud-based email solution such as BPOS? You can use a BPOS service account with FIM, but unfortunately you won’t get the Outlook client functionality…
Here’s something else I’ve been developing, which I think has interesting potential. Essentially it’s an XMA which is used to provision powershell “command” objects. These objects contain the name of the cmdlet and the list of arguments, and the Export step is actually running the command.