ADFS

Redmond Summit 2015

I am looking forward to presenting in an hour or so on “How Identity Management Impacts the bottom line.” Yesterday I had fun delivering a session on “ADFS vs Password Sync? It depends” This morning Alex Simons of Microsoft revealed a few new things that change some of my advice. Soon Azure AD can do the location restriction by application for SSO. This potentially eliminates a deal breaker for some people You can now run Password Sync and ADFS at the same time.

Continue reading

Implications of Office 365 Password Sync for ADFS (SSO)

Nice recap on the implications of Office 365’s… @binarybrewery - Jun 4, 2013Nice recap on the implications of Office 365’s Password Sync and why you may still need ADFS.

Continue reading

Implications of Office 365 Password Sync for ADFS (SSO)

The article on Password Sync for Office 365 is interesting news and clearly states that Federated users can’t have their password’s synced. In the Community Additions many curious users asked their questions treating it as a forum. Well here are my responses: If you do Password Sync do you still need ADFS or any other SSO tool that works with Office365? Password Sync gives you the ability to login to Office365 using the same username and password that you use with your Active Directory.

Continue reading

Insight Cloud SSO Solution and FIM Jumpstart offerings

I wrote an article for the Insight Newsletter about two of our new offerings. Solving identity and access management for mid-sized business By David Lundell, Sr. Manager, Identity and Security Practice User productivity, IT budgets, and security and compliance all suffer from ineffective identity and access management. Insight has two new packages aimed at helping mid-sized businesses confront these challenges in the age of the cloud. Read more. http://feeds.feedburner.com/IdentityLifecycleManagerilmBestPractices

Continue reading

FIM R2 Showdown -- Classic vs. Declarative

Come join me at The Experts Conference 2012 in San Diego April 29 - May2 where I will be presenting: FIM R2 Showdown — Classic vs. Declarative Speaker: David Lundell Is there room enough for both in this town? FIM 2010 R2 has two ways of accomplishing many tasks: Classic and Declarative. Attend this showdown to learn when to saddle up Classic vs. when to saddle up with Declarative Sync Rules and why.

Continue reading

Calling a stored procedure in an ADFS claims rule

After you have setup your SQL Attribute Claims Store in ADFS. If you want to use it and in fact test it you must set up a claims rule that makes use of it. To do this you must create a claim using a custom rule, which allows you to employ the claims rule language. The following technet entry is a good start as it illustrates how to enter a SQL Query and even a stored procedure.

Continue reading

Troubleshooting SQL Attribute Stores with ADFS

Several others have showed how to define SQL attribute stores with ADFS. Note that when entering the connection string there is no validation or feedback to the administrator. If there is a problem you usually won’t see it until you setup a claims rule that uses it and you get an error. So make certain to carefully build and test your connection string. Remember that if you use integrated authentication to connect to the SQL Server that it will run under the context of your ADFS Service account so you will need to grant your ADFS service account permissions to the SQL Server and Database.

Continue reading

TEC 2010 Europe – Sweet German Chocolate!

Sounds like a great conference. The Berliners will… johnkaiser - Nov 2, 2010Sounds like a great conference. The Berliners will want you back soon with Volume2!

Continue reading

TEC 2010 Europe – Sweet German Chocolate!

Overall TEC 2010 Europe in Dusseldorf Germany was pretty cool. I enjoyed the speakers reception on Sunday night and got to meet some folks from the SharePoint side some of whom are even interested in FIM and one of them bought my book! For the first time I was able to bring my wife along to TEC! We enjoyed some good time in Dusseldorf including seeing Schloss (Palace) Benrather. Monday we started off with a keynote from Uday Hegde and Mark Wahl on the future of Directory and Identity Technologies.

Continue reading

ADFS v2 Test Report -- Found

Something has happened with the project liberty website and most links to it are now broken, including the link to the test results from last year which includes which profiles ADFS v2 passed. So here it is: http://projectliberty.org/liberty/content/download/4732/32917/file/SAML_3Q09_%20IOP_Test_Event_Final_Report.pdf ADFS v2 passed: IDP Lite, SP Lite, eGov 1.5 http://feeds.feedburner.com/IdentityLifecycleManagerilmBestPractices

Continue reading