Almost 15 years ago Microsoft released Microsoft Identity Integration Server (MIIS) 2003. Microsoft also released a couple of Resource Toolkits for MIIS to help customers and IT Integrators implement the product, as up to that time its predecessor (Microsoft Metadirectory Services) was only available as part of a Microsoft Consulting engagement.…
A modern way to track FIM/MIM Attribute Value History utilizing Power BI
Introduction
Microsoft Identity Manager is fantastic for keeping data consistent between connected systems. Often, however, you want to know what a previous value of an attribute was. FIM/MIM can only tell you the current value, the Management Agent it was received on and when; it has no ability to track attribute value history.…
Awarded Microsoft MVP for Enterprise Mobility – Identity and Access Management
This week I was awarded Microsoft Most Valuable Professional for Enterprise Mobility for my work in the area of Identity and Access Management.
This is quite an honor and something I had never considered as for the majority of my professional career I’ve been employed by integrators that require all my work to be considered intellectual property that must not be shared publicly.…
Enabling and using Managed Service Identity to access an Azure Key Vault with Azure PowerShell Functions
Introduction
At the end of last week (14 Sept 2017) Microsoft announced a new Azure Active Directory feature – Managed Service Identity. Managed Service Identity helps solve the chicken and egg bootstrap problem of needing credentials to connect to the Azure Key Vault to retrieve credentials.…
Display Microsoft Identity Manager Sync Engine Statistics in the MIM Portal
Introduction
In the Microsoft / Forefront Identity Manager Synchronization Service Manager under Tools we have a Statistics Report. This gives a breakdown of each of the Management Agents and the Connectors on each MA, and therefore MIM Sync Statistics.
I had a recent requirement to expose this information for a customer but I didn’t want them to have to connect to the Synchronization Server (and be given the permissions to allow them to).…
Configuring Remote PowerShell to a Remote Active Directory Forest for FIM/MIM GalSync
Introduction
Windows Remote Management (aka Remote PowerShell) is a wonderful thing; when it works straight out of the box when you’re in the same domain. Getting it working across Forests though can feel like jumping through hoop after hoop, and sometimes like the hoops are on fire.…
Receive Push Notifications from Microsoft/Forefront Identity Manager on your Mobile/Tablet/Computer
Background
Recently in a FIM/MIM environment a daily automated process was executing but the task it was performing was dependent on an upstream process that generates a feed, and the schedule for that feed had changed (without notice to me). Needless to say FIM/MIM wasn’t getting the information it needed to process.…
Creating an AzureAD WebApp using PowerShell to leverage Certificate Based Authentication
Introduction
Previously I’ve posted about using PowerShell to access the Microsoft AzureAD/Graph API in a number of different ways. Two such examples I’ve listed below. The first uses a Username and Password method for Authentication, whilst the second uses a registered application and therefore ClientID and Client Secret.…
Synchronizing Passwords from Active Directory to the IBM/Lotus Domino Identity Vault using Microsoft Identity Manager – Part 3
Introduction
As the title suggests this is Part 3, and the final part in a three-part post on configuring FIM/MIM to synchronise users' passwords from AD to the Domino ID Vault via PCNS and FIM/MIM.
Part 1 here detailed the creation of a PowerShell Management Agent to join users from Domino to the MIM Sync Metaverse.…
UPDATED: Identifying Active Directory Users with Pwned Passwords using Microsoft/Forefront Identity Manager
Earlier this week I posted this blog post that showed a working example of using a custom Pwned Password FIM/MIM Management Agent to flag a boolean attribute in the MIM Service to indicate whether a user's password is in the pwned passwords dataset or not.…