darrenjrobinson – Bespoke Identity and Access Management Solutions
Enterprise Microsoft and SailPoint Identity & Access Management Architect
It probably seems obvious by now, but I seem to live in PowerShell and Microsoft Identity Manager. I’m forever looking into the Microsoft Identity Manager Metaverse for objects.
However, sometimes I get tripped up by the differences in Object Classes between the FIM/MIM Service and the Metaverse, the names of the Object Classes (obviously not Person, Group and Contact) and in situations where they are case-sensitive. … keep reading
Yes, that title is quite a mouthful. And this post is going to be quite long. But worth the read if you are having to create a number of rules in Microsoft/Forefront Identity Manager, or even more so the same rule in multiple environments (eg.… keep reading
I have a complex customer environment where Microsoft Identity Manager is managing identities across three Active Directory Forests. The Forests all serve different purposes and are contained in different network zones. Accordingly there are firewalls between the zone where the MIM Sync Server is located and two of the other AD Forests as shown in the graphic below.… keep reading
Update 21 April ’17. The LithnetMIISAutomation PS Module now has a -Force switch for Delete-CSObject
As often happens in development environments, data changes, configurations change and at some point you end up with a whole bunch of objects that are in no-mans land.… keep reading
Lotus Notes. My old nemesis as both a user and as an Administrator is back to haunt me again.
There’s a reasonable amount written by others on the trials and tribulations of getting the FIM/MIM Notes / Domino Management Agent configured and working.… keep reading
One of the foundations of Identity Management is the ability to join an identity between disparate connected systems. As we extend our management of identities into cloud services this adds a few twists.
A key concept is to use an anchor that is persistent.… keep reading
Today I was performing a standalone installation of the MIM Self Service Password Reset Portals (Enrollment and Reset). These Portals rely on IIS and not the normal prerequisites associated with the MIM Service Portal (SharePoint etc). As such using PowerShell I’d only installed the Web Server Role with the usual dependencies.… keep reading
For those of you that may have missed it, in early 2016 Microsoft released a hotfix for Microsoft Identity Manager that included a change that removed the ability for multiple management agents on a Microsoft Identity Manager Synchronization Server to simultaneously run synchronization run profiles.… keep reading
I’ve been working on a project where I must have visibility of a large number of Azure AD Groups into Microsoft Identity Manager.
In order to make this efficient I need to use the Differential Query function of the AzureAD Graph API.… keep reading
Update: Aug 2019. See this post that evolves on this process including documenting the MIM Config and generation of a webpage with links for configs.
Last week in a customer development environment I had one of those oh shit moments where I thought I’d lost a couple of weeks of work.… keep reading