Setting up SharePoint Foundation 2013 for MIM 2016 SP1

It occurred to me while fighting with this over the last couple of days that I have never installed the MIM Portal in anything other than a lab. FIM Portal yes, but then only on SharePoint 2010 (even after 2013 was available, because it was a heck of a lot easier). While I know MIM…

IAM Design Principle: Separate form from function

When collecting requirements for an IAM solution we associate actions with various ways of categorising users – in other words, we are mapping “form” to “function”. When designing the IAM Solution, however, we need to provide a layer of separation between the two. The best way to illustrate why is with a real-life example.

IAM Design Principle: Lifecycle Events

I’ve really been trying to improve my skills at capturing and writing up requirements and one thing that helps is to list all the typical identity “lifecycle events”, along with: How to detect the event, and What to do when the event is detected. So for each target system I will have a table like…

IAM Design Principle: User Status Values

A field indicating a person’s “status” with respect to the organisation is a standard feature of all IAM implementations. Over many solutions I’ve boiled it down to four status values that satisfy all the lifecycle use cases I’ve come across: Pending – We know about this person but their hire (or re-hire) date is in…

IAM Design Principle: Don’t make decisions on an absense of data

I’ve been going on about this one for a long time, but in case anyone still isn’t on-board with this principal I’ll state it another way: data disappearing from a feed is not a suitable trigger for action. When we treat disappearance of data as a “trigger” we are interpreting a root cause from a…

IAM Design Principle: The Source of Truth is the place where people care about the data being right

I’ve recently started a new project and we’re in the requirements gathering phase, so lots of meetings and discussions, and also (thankfully) enthusiasm for the project. There’s also been lots of me repeating stuff I always say when trying to explain Good IAM Design, so I’ve decided to start a new series of short blog posts…

Breaking the AADConnect link – an Alumni example

I presented this at the MIM Team User Group meeting last week, but was having some computer issues and apparently people couldn’t hear me. There did seem to be quite a bit of interest from the comments window, so I figured I’d write it up as a blog post. This solution allows an Office 365 account…

It always comes back to Requirements

I’m just going to say it – many people in IT don’t give enough thought to requirements. They might think they do, there may even be a document with the word “Requirements” in the title, but are they good enough for the job?

Using the MIMWAL to create Policy objects

I worked with the FIMWAL in the past on a couple of MCS engagments, but hadn’t yet had the opportunity to use the open-sourced MIMWAL on an engagment. I have, however, just been converting something I’ve done before to all-MIMWAL workflows, in preparation for re-using the concepts on a new project. This is a pretty…