This is the first post in a series where I will provide a number of base-level Management Agents for Microsoft Identity Manager to integrate with SailPoint IdentityNow. Whilst the two products have areas of competing/equivalent functionality there are other aspects where integration of the two compliment each other.… keep reading
Granfeldt PowerShell Management Agent Schema HRESULT: 0x80231343 Error
Yesterday I was modifying the Schema configuration on a Granfeldt PowerShell Management Agent on a Microsoft Identity Manager 2016 SP1 Server.
I was changing the Anchor attribute for a different attribute and on attempting to refresh the schema or view the configuration I got the following error;
Unable to retrieve schema.… keep reading
Using Invoke-WebRequest calls within a Granfeldt PowerShell MA for Microsoft Identity Manager
If you use PowerShell extensively you should be familiar with the Invoke-RestMethod cmdlet and the ability for PowerShell to call API’s and receive information. The great thing about Invoke-RestMethod is the inbuilt conversion of the results to PowerShell Objects. However there are times when you need the raw response (probably because you are trying to bend things in directions they aren’t supposed to be; story of many of my integrations).… keep reading
Adding Delta Sync Support to the Microsoft Identity Manager PowerShell Management Agent for Workday HR
Recently I posted a sample Microsoft Identity Manager Management Agent for Workday HR. Subsequently I also posted about some updates I made to the WorkdayAPI PowerShell Module to enable functionality to specify the time period to return changes for. This post details updating my sample Workday Management Agent to support Delta Synchronisation.… keep reading
Updated: Azure AD B2B Guest Invitations Microsoft Identity Manager Management Agent
In August I posted this that detailed Automating Azure AD B2B Guest Invitations using Microsoft Identity Manager. More recently Microsoft updated the Microsoft Graph to include additional information about Azure AD B2B Guest users and I wrote this that creates HTML Reports based off these new attributes.… keep reading
Building a Microsoft Identity Manager PowerShell Management Agent for Workday HR
Update 29 August 2019 See this post for multi-threading Granfeldt PowerShell Management Agent Imports (with Workday as an example).
Before I even get started with this post, let me state that the integration I describe here is not a standalone solution.… keep reading
Automate the Generation of a Granfeldt PowerShell Management Agent Schema Definition File
Generating Schema.ps1 for the Granfeldt FIM/MIM PowerShell Management Agent
Getting started writing your first Forefront/Microsoft Identity Manager Granfeldt PowerShell Management Agent can be a bit daunting. Before you can do pretty much anything you need to define the schema for the PSMA.… keep reading
Automating Azure AD B2B Guest Invitations using Microsoft Identity Manager
Update: Oct 30 '18 Also see this post that adds support for Microsoft's updates to the Microsoft Graph to include additional information about Azure AD B2B Guest users.
Introduction
Earlier this year Microsoft released the Microsoft Identity Manager Azure AD B2B Management Agent.… keep reading
Identifying Active Directory Users with Pwned Passwords using Microsoft/Forefront Identity Manager v2, k-Anonymity and Have I Been Pwned
Background
In August 2017 Troy Hunt released a sizeable list of Pwned Passwords. 320 Million in fact.
I subsequently wrote this post on Identifying Active Directory Users with Pwned Passwords using Microsoft/Forefront Identity Manager which called the API and sets a boolean attribute in the MIM Service that could be used with business logic to force users with accounts that have compromised passwords to change their password on next logon.… keep reading
Provisioning Hybrid Exchange/Exchange Online Mailboxes with Microsoft Identity Manager
Introduction
Working for Kloud all our projects involve Cloud services, and all our customers have varying and unique requirements. Recently one of our customers embarked on their migration from On-Premise Exchange to Exchange Online. Nothing really groundbreaking there though, however they had a number of unique requirements including management of Litigation Hold.… keep reading