2.7M+ Identities

2.7M+ Identities

In our first seven years we have secured & managed: Over 2.7 million enterprise identities for over a dozen different organizations

Saving an estimated $50M-$79M annually

12-Time MVP

12-Time MVP

From 2007-2019, our founder, David Lundell, received the Microsoft Most Valuable Professional Award

Wrote the Book

Wrote the Book

As pioneers in this ever-evolving field, we took on the formidable task of creating the first comprehensive book on identity management.

Let us lock down your digital fortress

We have secured over 2.7 million identities. We can do it for you. Book a free 20 min consultation.

Book Time with an Expert

Latest

Introduction

Featured

For Identity Centered on Microsoft Cloud

For Identity Centered on Microsoft Cloud

Azure Active Directory – Microsoft is pouring more connections to cloud services, more GRC capabilities into AAD.

For Identity Centered on Premise

For Identity Centered on Premise

Microsoft Identity Manager – Many do and will continue to use MIM, especially for those with large on-premises investments that aren’t going away any time soon. Used in conjunction with AAD and/or Clear Skye and your solution can cover the Cloud and all your GRC needs.

For Identity Centered on Service Desk

For Identity Centered on Service Desk

HyperSync – A most intriguing option, HyperSync Panel is a high performance identity synchronization engine built on top of the Identity Panel application framework. Used in conjunction with AAD and MIM or apart, HyperSync provides incredible GRC capabilities right where everyone already goes — the Service Desk.

Testimonials

We have worked with many clients and we always like to hear they come out from the cooperation happy and satisfied. Have a look what our clients said about us.

  • David’s knowledge of SQL database systems and Identity Lifetime Manager is spectacular. His performance in envisioning and architecting Identity Management solutions is excellent and well directed. He is a gifted instructor, mentor and communicator. David’s speaking skills inform participant understanding and engagement with the complex technologies he has mastered. He possesses clear forethought regarding client needs. David is always willing to assist, participate in feedback on lessons learned, and step up to lead in new challenges. I highly endorse his work and his professional and personable style.

    Todd Kliewer

    Owner

  • David was able to apply his deep business and marketing acumen to increase the effectiveness and profitability of our Identity practice. David was also able to draw on his detailed technical background to act as leader and mentor to a team of technical individuals while drawing out their unique talents to work together and communicate effectively. David has been able to create a workplace rich in technical excellence which fosters respect and growth amongst the team. It has been a pleasure working with David in the past and I look forward to future chances to collaborate.

    Brad Turner

    Principal Engineering Services Manager at Microsoft

  • David is exactly what you would expect from a known MVP in the FIM community. His vast experience across identity, directory, and [many other] technologies are consistently key factors to the success of any project he is on. It was a pleasure and privilege to work with David on such projects, and would recommend with the utmost confidence.

    Jose Garza

    Premier Field Engineer at Microsoft

From our blog

Read more

MIMWAL Can run PowerShell 3.0 and beyond without PSRemoting or Start-Process!

on June 7, 2024

I just discovered that a colleague had several years prior managed to get MIMWAL PowerShell Activity to run Get-ADUser and other commandlets from the Active Directory Module (which requires PowerShell 3.0 or later) without using PowerShell Remoting or starting a new Process with Start-Process. <Caution> Per Eugene Sergeev This breaks SSPR AuthN workflows. </Caution> So if you aren’t using SSPR through MIM this might be an option for you!

Continue reading

Read more

SSL v TLS with EntraID Sync and MIM's Generic LDAP Connector

on April 11, 2024

Everyone knows that SSL is vulnerable and we should therefore use TLS. What isn’t well understood is the options presented for Binding (authentication) when using the Generic LDAP Connector with AADConnect or the Generic LDAP ECMA 2.x with MIM. We are presented 5 options: Anonymous Basic Kerberos SSL TLS When we tested we could get the SSL option to work over port 636, and we could get the TLS option to work on port 389 but we couldn’t get the TLS option to work over port 636.

Continue reading

Read more

What does MIM's StoreChk.exe do?

on March 29, 2024

I watched through SQL Profiler to better understand what these checks do, and I found an error with check #10. It says it is “Checking Lineage Guid table for MV objects with invalid MV object ids” but the SQL query it issues is the same as the query for Check # 9 “Checking Lineage Date table for MV objects with invalid MV object ids.” It queries the Lineate Date table instead of the Lineage GUID table like it says.

Continue reading

Read more

MIM StoreChk.exe Assumes SQL is Local

on March 28, 2024

On occasion you (usually with the help of PSS – Product Support Services) may need to verify the integrity of the MIM Synchronization Service Database. To do this you can use the Store Check tool, StoreChk.exe located in the bin folder under the root of your MIM Synchronization install. While the storechk tool does read the registry to find the name of the database (almost always is FIMSynchronizationService) it does not read the Server or Instance name registry values in the parameters key of the registry.

Continue reading

Update cookies preferences