FIM

Mistaken Identity

Years ago, I walked into the client site a few months into an Identity Management project, and the PM told me his account had been deactivated by mistake as an employee with the same last name and same first initial was terminated, and they termed his account by mistake. Ironic. A few years before that I visited a client whose VP of HR had his account disabled when they let the janitor go.


To Farm, or not to Farm, that is the question --

REALHIPHOPINYOURLIFE - May 5, 2014: In some environments, like government, having that local SQL means a whole different security profile… a lot of security groups aren’t going to make a distinction between that local SQL and Full Blown SQL when they scan the system since they use some of the same binaries. Good comment. So in those environments that could be an extra reason to farm to avoid local SQL and the extra security


To Farm, or not to Farm, that is the question --

Whether ‘tis nobler in the mind to suffer the slings and arrows of outrageous fortune Or to take Farms against a sea of patches and by opposing end them? To die, to sleep – Today I will be “moderating” the debate about using SharePoint Farms vs. Stand-Alone as the foundation for the FIM Portal. In this corner we have Paul Williams of Microsoft sharing knowledge from his hard-fought victories with FIM and painful experiences with Farms.


MIM's the word -- New name for FIM

Last week the Product group announced the new name for FIM, and MIM’s the word: Microsoft Identity Manager. Of course, as a good futurist I had made enough guesses that I got this one right, even though as an honest man I must admit I also had it wrong – Azure is not part of the name. Fortunately, they didn’t go with APE nor AILMENT, nor MIME, nor MIAMI, nor MICE, nor MAIM, nor WIMP.


Mailbag: Learning FIM, SQL and IIS

Recently, a reader reached out to me for advice on learning FIM, SQL and IIS, as well as guidance on setting up a lab (more advice on that part in a later post). First, think for a moment about your best learning styles for technology. Do you need to read the concepts and architecture first and then do it? Do you need to watch a video and then read, and then do it?


New name for FIM?

Oliver Hanappi - Apr 3, 2014: Actually it’s MIM (Microsoft Identity Manager). See http://blogs.technet.com/b/server-cloud/archive/2014/04/23/forefront-identity-manager-vnext-roadmap-now-microsoft-identity-manager.aspx Like any good futurist I guessed so many things that one of them was bound to be right http://blog.ilmbestpractices.com/2013/07/the-mvp-7-year-itch.html?m=1


New name for FIM?

Did you know that if you subscribe to Azure AD Premium you also get licenses for FIM? Well, if that isn’t a hand tipper I don’t know what is. I think we can safely assume the next version of FIM will have Azure in the name. Safe or not, I am going to speculate that it will.
Azure Identity Manager (AIM) – I would be ok with this
Azure Role Based Access Manager (ARBAM) – Explosive sounding name


Hints of FIM's Future: Azure Active Directory (AAD) Sync

For years I have been trying to predict the future of Identity Management, but every time I look in my crystal ball it is just too cloudy to see anything. In fact anytime I look in my crystal ball on just about any technology topic the only thing it shows me are clouds! I was beginning to think it was broken. But then, yesterday, I watched Andreas Kjellman present at the FIM user group


DirSync w/ domain if NetBIOS and FQDN don't match

If one of your AD domains has a NetBIOS domain name that doesn’t match the leftmost part of your FQDN, you need to have the Replicating Directory Changes permission given to your AD MA account. This is documented in a few places, including my book. However, DirSync misses this step. Normally, DirSync does a very good job of installing and configuring everything which you need without needing you to be an expert in FIM, but this is one thing it misses.


Declarative or Bust!

Craig Martin - Oct 3, 2013: I see two challenges:
1. There is not feature parity between the two types of sync rules
2. The imperative support (VBA) in the new sync rules is limited and difficult to debug
My wish is that we had better extensibility in the new sync rules (scrap VBA, or figure out how to improve the extensibility and debugging).
