Earlier this week I posted this blog post that showed a working example of using a custom Pwned Password FIM/MIM Management Agent to flag a boolean attribute in the MIM Service to indicate whether a users password is in the pwned passwords dataset or not.… keep reading
Synchronizing Passwords from Active Directory to the IBM/Lotus Domino Identity Vault using Microsoft Identity Manager – Part 1
Introduction
Recently I wrote about getting started with the latest IBM/Lotus Notes/Domino Management Agent for Microsoft Identity Manager. In a recent engagement we are using that MA to provision and manage identities into Domino. We are also using the MA to synchronise passwords via PCNS and MIM to the Notes users’ Internet (HTTP) password.… keep reading
Identifying Active Directory Users with Pwned Passwords using Microsoft/Forefront Identity Manager
Update: An element of this solution details checking passwords online (using the Have I Been Pwned API). Troy explains succinctly in his blog-post announcing the pwned passwords list why this is a bad idea. If you are looking to implement the concept I detail in this post then WE STRONGLY recommend using a local copy of the pwned password list.… keep reading
Synchronizing Exchange Online/Office 365 User Profile Photos with FIM/MIM
Introduction
This is Part Two in the two-part blog post on managing users profile photos with MIM (Microsoft Identity Manager). Part one here detailed managing users Azure AD/Active Directory profile photo. This post delves deeper into photos, specifically around Office 365 and the reason why you may want to manage these via FIM/MIM.… keep reading
Joining Identities between Active Directory and Azure Active Directory using Microsoft Identity Manager
Introduction
One of the foundations of Identity Management is the ability to join an identity between disparate connected systems. As we extend our management of identities into cloud services this adds a few twists.
A key concept is to use an anchor that is persistent.… keep reading
How to create a PowerShell FIM/MIM Management Agent for AzureAD Groups using Differential Sync and Paged Imports
Introduction
I’ve been working on a project where I must have visibility of a large number of Azure AD Groups into Microsoft Identity Manager.
In order to make this efficient I need to use the Differential Query function of the AzureAD Graph API.… keep reading
How to configure Paged Imports on the Granfeldt FIM/MIM PowerShell Management Agent
Introduction
In the last 12 months I’ve lost count of the number of PowerShell Management Agents I’ve written to integrate Microsoft Identity Manager with a plethora of environments. The majority though have not been of huge scale (<50k objects) and the import of the managed entities into the Connector Space/Metaverse runs through pretty timely.… keep reading
Office365 Licensing Management Agent for Microsoft Identity Manager
Licensing for Office365 has always been a moving target for enterprise customers. Over the years I’ve implemented a plethora of solutions to keep licensing consistent with entitlement logic. For some customers this is as simple as everyone gets say, an E3 license.… keep reading
A Twitter Management Agent for Microsoft Identity Manager
In the last couple of weeks I’ve been evaluating a number of different approaches/concepts for some upcoming MIM development projects. Some of these I’ve blogged about already.
Having an Identity Manager Metaverse with identity data is a key dependency to being able to validate ideas and concepts.… keep reading
Exception from HRESULT 0x80230729 creating a new FIM/MIM Management Agent
Another day, another piece of FIM/MIM experimentation. I had built a fresh MIM 2016 environment in Azure to test a few scenarios out. That all went quick and seamlessly thanks to some great templates and a few scripts. Until I came to create the management agent (the purpose of today’s experimentation).… keep reading