Blog

Happy Halloween -- It's all about Identity Management

November 1, 2008

Last night as I took my children trick or treating through our neighborhood I thought about Halloween from an Identity Management Perspective: We provision temporary identities to our children (costumes) that allow them to make a claim when they show up at neighbors' doors “Trick or Treat (I am wearing costume – the claim; will your grant me access to candy – the resource request)?” At which point the neighbor will almost invariably give out some candy.

Live ID's are now Open ID's, Geneva supports SAML 2.0

October 30, 2008

At the PDC Microsoft’s Kim Cameron and colleague Bertocci Vittorio announced that Microsoft Live is now an Open Id provider. Additionally, when signing into Live you can use Information Cards (Info Card, Card Space, Geneva Card Space). They also demonstrated the new Geneva Framework (formerly known as Zermat) – essentially a successor to Windows Server 2008 Active Directory Federation Services, and showed it supporting SAML 2.0 the “protocol” not just SAML 2.

The Semi-Automated Install of ILM 2 Beta 3

October 22, 2008

ILM 2 Beta 3 won’t perform a completely automatic quiet install but we can come close. Colleague Brad Turner and I have developed the following approach to the install and the post install tasks. Brad worked out most of the issues with the ILM 2 Services install itself and then I worked on most of the issues with the post install tasks. I will cover the install of the Metadirectory services first, then the ILM 2 Beta 3 Identity Management Platform Services including its batch files and then discuss the post install tasks and present its related files.

SQL Server Agent should be running or install of ILM 2 Services fails

October 22, 2008

I posted the following to the Community Content Section of the ILM 2 Beta 3 Installation Guide The SQL Agent Service account must be a sql sysadmin and the SQL Agent Service must be running or during install you may get “error -2147217900 Failed to execute sql string addtemporaleventsjobtoSQLServer” while trying to install ILM 2 Beta 3 Identity Management Platform Services. Apparently, the install routine needs to create a SQL Agent Job and with SQL 2005 the Agent must be running to create a job.

Changing SQL Service Account Passwords for a Cluster

October 22, 2008

Here is an excellent script for changing service account passwords and should work fine as long as you restart the SQL services afterwards. However the following blog post indicates that more is going on than just a password change: “never use the plain old Windows Service Control Manager (SCM) to manipulate SQL Services. The SQL Server Configuration Manager does a lot more work in the background to keep security consistent across the installation.

Installing a Multi-Instance SQL 2005 Cluster

October 15, 2008

Hi, I’m installing SQL Server 2005 in 2 node … Unknown - Jun 3, 2010Hi, I’m installing SQL Server 2005 in 2 node cluster setup and I’m getting the below error: TITLE: Microsoft SQL Server 2005 Setup -—————————– SQL Server Setup has determined that the following account properties are not specified: ‘SQLBROWSERACCOUNT’ . The properties specify the startup account for the services that are installed. To proceed, refer to the template.

Installing a Multi-Instance SQL 2005 Cluster

October 15, 2008

Some of you may run into a problem when installing a multi-instance SQL Server Cluster, in particular when you install the second or third instance in your cluster. Like this one: Microsoft SQI Server 2005 Setup SQL server Setup has determined that the Following account properties are not specified: ‘SQLBROWSERACCOUNT’. The properties specify the startup account for the services that are installed. To proceed, refer to the template.ini and set the properties to valid account names.

Projections showing up as Joins?

October 8, 2008

Hi David, I this fast paced growing technology s… Unknown - Jun 5, 2021Hi David, I this fast paced growing technology space, dominating cloud technologies how do you feel about MIM’s future. Give i don’t see Microsoft doing any innovations/upgrade in this arena. Please help me understand. Thank you, Durgesh

Projections showing up as Joins?

October 8, 2008

https://connect.microsoft.com/feedback/ViewFeedback.aspx?FeedbackID=373881&SiteID=433 So I found a slight inconsistency when following some of the ILM 2 walk-throughs. When you setup an inbound synch rule that creates objects in ILM the lineage says that the connector space object became a connector through join rules instead of projection rules. Minor bug – but it sure can be confusing. HR Inbound Sync Rule General Information Created Time 8/27/2008 8:10:09 PM Connected System