Adventures in identity management
Note: this post was written for the RTM version of FIM 2010. After installing FIM, you will need to start configuring the Sync Service so that you can start to get data into and out of the Portal This post shows you how to configure the FIM Management Agent.
Note: this post applies to the RTM version of FIM 2010. I’m starting a new series of posts today showing how to build an identity management environment with FIM 2010. A lot of the concepts are covered in the Getting Started documentation, which you should of course read, however I think it’s often useful to…
Just an observation from some testing today – if you try and do an LDAP bind against a RODC you need to have the password cached, or cacheable. If the user is explicitly banned from having their password cached, the bind will fail. We were hoping it might magically work like the userProxy object in…
There’s a lot of interest in FIM, and that’s great – but I worry about all the focus on the codeless sync rules, which I’m not a fan of. Meanwhile behind it we have the best, most efficient and most flexible sync engine out there, now in 64-bits, and ready to do all sorts of…
I’ve been having a bit of a play with the powershell interface to the FIM Portal. I wanted to pre-populate a demo environment with an interesting set of criteria-based Securoity and Distribution groups, but they get a bit tedious to create by hand, and I wanted to see if powershell was the answer. I’m pretty…
This got me out of a pickle today. A slip-up in a join rule caused hundreds of bad joins to be made. There were far too many to un-do by hand, but then I figured out I could add a few lines to the Provisioning Sub of the MVExtension to remove all the joins made…
I just posted this article in the Greatest Hits series of the ILM Technet forum. It describes some of the methods and considerations around disabling and deleting users accounts with ILM.
Following on from my last post about the overlaps between FIM and Exchange 2010 I wanted to clarify for myself the group management capabilities in FIM, Exchange 2010 and ILM. Warning: I will have to revisit this post – as I haven’t yet installed Exchange 2010 in a production environment the Exchange comments are based…
I’ve been getting myself up to speed on the new feaures of Exchange 2010, and some of them look a little familiar…
Next in my “Five things about FIM” posts – five things I have learnt about Management Policy Rules.