This is the first post in a series where I will provide a number of base-level Management Agents for Microsoft Identity Manager to integrate with SailPoint IdentityNow. Whilst the two products have areas of competing/equivalent functionality there are other aspects where integration of the two compliment each other.… keep reading
Using Invoke-WebRequest calls within a Granfeldt PowerShell MA for Microsoft Identity Manager
If you use PowerShell extensively you should be familiar with the Invoke-RestMethod cmdlet and the ability for PowerShell to call API’s and receive information. The great thing about Invoke-RestMethod is the inbuilt conversion of the results to PowerShell Objects. However there are times when you need the raw response (probably because you are trying to bend things in directions they aren’t supposed to be; story of many of my integrations).… keep reading
Adding Delta Sync Support to the Microsoft Identity Manager PowerShell Management Agent for Workday HR
Recently I posted a sample Microsoft Identity Manager Management Agent for Workday HR. Subsequently I also posted about some updates I made to the WorkdayAPI PowerShell Module to enable functionality to specify the time period to return changes for. This post details updating my sample Workday Management Agent to support Delta Synchronisation.… keep reading
Updated: Azure AD B2B Guest Invitations Microsoft Identity Manager Management Agent
In August I posted this that detailed Automating Azure AD B2B Guest Invitations using Microsoft Identity Manager. More recently Microsoft updated the Microsoft Graph to include additional information about Azure AD B2B Guest users and I wrote this that creates HTML Reports based off these new attributes.… keep reading
Automating Azure AD B2B Guest Invitations using Microsoft Identity Manager
Update: Oct 30 '18 Also see this post that adds support for Microsoft's updates to the Microsoft Graph to include additional information about Azure AD B2B Guest users.
Introduction
Earlier this year Microsoft released the Microsoft Identity Manager Azure AD B2B Management Agent.… keep reading
Getting started with the Lithnet REST API for the Microsoft Identity Manager Service
Update: Feb 2019 See this post for additional information configuring the Lithnet REST API for FIM/MIM post MIM v4.4.x.x
Introduction
A common theme with my posts on Microsoft Identity is the extensibility of it particularly with the Lithnet tools that Ryan has released.… keep reading
How to use the FIM/MIM Azure Graph Management Agent for B2B Member/Guest Sync between Azure Tenants
Introduction
UPDATE: August 2018 As promised below I've finally written up my Azure AD B2B Invitation Management Agent. You can find it in this post here. UPDATE: June 2018 When I originally wrote this post the intent was to test the ability of the Graph MA to export to Azure AD.… keep reading
Configuring Remote PowerShell to a Remote Active Directory Forest for FIM/MIM GalSync
Introduction
Windows Remote Management (aka Remote PowerShell) is a wonderful thing; when it works straight out of the box when you’re in the same domain. Getting it working across Forests though can feel like jumping through hoop after hoop, and sometimes like the hoops are on fire. … keep reading
Receive Push Notifications from Microsoft/Forefront Identity Manager on your Mobile/Tablet/Computer
Background
Recently in a FIM/MIM environment a daily automated process was executing but the task it was performing was dependent on an upstream process that generates a feed, and the schedule for that feed had changed (without notice to me). Needless to say FIM/MIM wasn’t getting the information it needed to process.… keep reading
Identifying Active Directory Users with Pwned Passwords using Microsoft/Forefront Identity Manager
Update: An element of this solution details checking passwords online (using the Have I Been Pwned API). Troy explains succinctly in his blog-post announcing the pwned passwords list why this is a bad idea. If you are looking to implement the concept I detail in this post then WE STRONGLY recommend using a local copy of the pwned password list.… keep reading