Index
A
- access elevation / How does it work?
- Access Management Connector
- about / Access Management Connector
- ODBC connection file, creating / Creating the ODBC connection file
- generic SQL connector, creating for BHOLD orgunit / Creating the generic SQL connector for the BHOLD orgunit
- run profiles, creating / Creating run profiles
- BHOLD connector, creating / Creating a BHOLD connector and sync rules
- sync rules, creating / Creating a BHOLD connector and sync rules
- Active Directory
- about / Active Directory
- least-privileged approach / Least-privileged approach
- directory replication / Directory replication
- password reset / Password reset
- securing / Why deploy PAM?
- securing, reference link / Why deploy PAM?, System requirements
- Active Directory (AD)
- users, managing / Managing users in Active Directory
- inbound synchronization / Inbound synchronization from AD
- Active Directory Management Agent (AD MA), creating / Creating AD MA
- AD
- about / Active Directory
- groups, managing / Managing groups in AD
- password management, enabling in / Enabling password management in AD
- add-ins
- reference link / Add-ins and extensions
- additional sync engine information / Additional sync engine information
- ADFS configuration
- about / ADFS configuration
- CM installation / Step 1 – the CM installation and prerequisites
- CM prerequisites / Step 1 – the CM installation and prerequisites
- configuration wizard / Step 2 – the configuration wizard
- continued configuration / Step 3 – continued configuration
- final test / Step 4 – the final test
- Administration* Administrators control configuration related resources / Custom activities development
- admin key diversification
- reference link / The smart card management policy
- AD object data
- URL / Directory replication
- ANDed condition / Outbound System Scoping Filter
- application logging
- increasing / Increasing application logging
- Attestation module
- about / Attestation
- reference link / Attestation
- attribute-based authorization (ABA)
- reference link / Roles
- authentication levels, MIMC
- reference / Step 2 – CM domain trust and configuration
- Azure
- hybrid reporting / Hybrid reporting in Azure
- Azure AD Connect syn
- reference link / Access Management Connector
B
- backup and restore
- reference links / Backup and restore
- Backup and Restore Guide for FIM 2010
- reference link / Backup and restore
- backup considerations / Additional backup considerations
- Bell model
- reference link / Considerations
- best practice, MIM portal / MIM portal best practices
- best practice, MIM synchronization / MIM synchronization best practices
- best practices / Other best practices
- best practices, SQL / SQL best practices
- BHOLD
- BHOLD installation
- about / Installation
- reference link / Installation
- core and other components / BHOLD Core and other components
- technical reference link / BHOLD Core and other components
- MIM/FIM Integration install / MIM/FIM Integration install
- patching / Patching
- BHOLD Integration
- reference link / MIM/FIM Integration
- BHOLD Reporting module
- about / Reporting
- BHOLD role model objects
- about / BHOLD role model objects
- organizational units (orgunits) / Organizational units
- users / Users
- roles / Roles
- permissions / Permissions
- applications / Applications
- advanced features / Other advanced features
- Biba model
- reference link / Considerations
C
- CA configuration
- about / Configuring the CA
- MIM CM CA files, installing / Installing the MIM CM CA files
- Policy Module, configuring / Configuring the Policy Module
- capacity planning
- about / Capacity planning
- reference / Capacity planning
- centralized management model
- about / The centralized management model
- Certificate Lifecycle Management (CLM)
- about / MIM Certificate Management
- Certificate Lifecycle Manager (CLM) / Certificate management clients
- certificate management clients
- about / Certificate management clients
- MIM CM client, installing / Installing the MIM CM client
- Modern App deployment / Modern App deployment and configuration
- Modern App configuration / Modern App deployment and configuration
- certificate manager
- reference link / Configuration and deployment
- Certificate Revocation Lists (CRLs) / Certificate management agents
- certificate templates / Certificate management components
- certificate templates, for MIM CM service accounts
- creating / Creating certificate templates for MIM CM service accounts
- MIM CM User Agent certificate template / The MIM CM User Agent certificate template
- MIM CM Enrollment Agent certificate template / The MIM CM Enrollment Agent certificate template
- MIM CM Key Recovery Agent certificate template / The MIM CM Key Recovery Agent certificate template
- enabling / Enabling the templates
- challenges, Financial Company
- users provisioning / Provisioning of users
- identity life cycle procedures / The identity life cycle procedures
- highly privileged accounts (HPA) / Highly privileged accounts (HPA)
- password management / Password management
- traceability / Traceability
- Client Access Server (CAS) / Exchange 2010 and later
- client add-ins
- installing / Installing client add-ins
- client add-ins installation
- add-ins / Add-ins and extensions
- extensions / Add-ins and extensions
- CM
- about / What is certificate management?
- components / Certificate management components
- agents / Certificate management agents
- permission model / The certificate management permission model
- CM permission model
- about / The certificate management permission model
- areas / The certificate management permission model
- service accounts, creating / Creating service accounts
- Service Connection Point (SCP) / Service Connection Point
- Active Directory extended permissions / The Active Directory extended permissions
- certificate templates permission / The certificate templates permission
- profile template permission / The profile template permission
- management policy permission / The management policy permission
- configurable settings, service configuration file
- postStartupRecoveryRetryIntervalInMilliseconds parameter / Service partitions
- dataReadTimeoutInSeconds parameter / Service partitions
- dataWriteTimeoutInSeconds parameter / Service partitions
- configuration wizard, MIM CM
- about / The configuration wizard
- certificate templates, creating for service account / Creating certificate templates for MIM CM service accounts
- SSL, requiring on portal / Require SSL on the CM portal
- Kerberos Constrained Delegations / Kerberos… oh, what a world!
- kernel mode authentication, reference link / Kerberos… oh, what a world!
- configuration wizard, rerunning
- about / Rerunning the wizard
- accounts / The accounts
- database / The database
- connect data sources (CDS) / Enabling password management in AD
- Connected Data Source (CDS) / Inbound synchronization rules
- Context-adaptable permissions (CAPs) / Other advanced features
- CRL status
- reference link / The software management policy
- custom activities development
- reference link / Custom activities development
- custom activity
- debugging / Debugging a custom activity
- Customer Technical Preview (CTP) / Installing PAM
- Custom Resource and Attribute Management
- reference link / The MIM Service Management Agent
D
- data
- synchronizing, from MIM to SCSM / Synchronizing data from MIM to SCSM
- database maintenance / Database maintenance
- databases
- about / Databases
- collation and languages / Collation and languages
- SQL aliases / SQL aliases
- SQL / SQL
- SCSM / SCSM
- dbHR
- about / Creating an SQL MA
- default reports
- about / Default reports
- URL / Default reports
- Group Membership Change Report / Default reports
- Set Membership Change report / Default reports
- Group History report / Default reports
- Management Policy Rule History report / Default reports
- Request History report / Default reports
- Set History report / Default reports
- User History report / Default reports
- delta
- about / Directory replication
- Delta Import
- about / Single or multi step
- Delta Synchronization
- about / Single or multi step
- deprovisioning
- reference link / Creating the FIM Service MA, Synchronization rule
- deprovisioning options
- URL / Creating AD MA
- Detected Rule Entry (DRE)
- about / Detected Rule Entry
- reference link / Detected Rule Entry
- directory replication
- about / Directory replication
- Distinguished Name (DN) / Synchronization rule
- Distributed Component Object Model (DCOM) / Password Change Notification Service
- distribution groups
- synchronization rule / Synchronization rule
- creating / Creating and managing distribution groups
- managing / Creating and managing distribution groups
E
- Exchange
- managing / Managing Exchange
- reference link / Managing Exchange
- 2007 / Exchange 2007
- 2010 / Exchange 2010 and later
- synchronization rule / Synchronization rules for Exchange
- expectations
- versus reality / Expectations versus reality
- Expected Rule Entries (EREs) / Outbound Synchronization Policy
- Expected Rule Entry (ERE) / Action activities
- Expected Rules List (ERL) / Creating the MPR
- Extract, Transform, and Load (ETL)
- about / The SCSM ETL process
- URL / The SCSM ETL process
F
- FIM 2010 R2 Reporting
- deploying, reference link / Modifying reports
- FIM CM Backup and Restore
- reference link / Backup and restore
- FIM Reporting Disaster Recovery
- reference link / Backup and restore
- Financial Company
- about / The Financial Company
- challenges / The challenges
- environment / The environment
- Forefront Identity Manager 2010 (FIM 2010)
- Forefront Identity Manager 2010 R2
- deploying, reference link / Verifying the SCSM setup
- function evaluator
- reference link / Authorization activities
G
- group management
- Management Policy Rules (MPRs), modifying / Modifying MPRs for group management
- groups
- security groups / Security and distribution groups
- distribution groups / Security and distribution groups
- group scope
- member selection feature / Member selection
- group type flags
- reference link / Active Directory
H
- hardware
- about / Hardware
- hardware security module (HSM)
- about / Highly privileged accounts (HPA)
- Hardware Security Modules (HSMs)
- reference link / What is certificate management?
- HR (human resource)
- about / Creating Management Agents
- HR (SQL Server)
- about / HR (SQL Server)
- SQL MA, creating / Creating an SQL MA
- hybrid reporting
- in Azure / Hybrid reporting in Azure
I
- Identity Lifecycle Manager 2007 (ILM 2007)
- identity management (IdM)
- about / The challenges
- inbound synchronization
- rules / Inbound synchronization rules
- indexes
- rebuilding, reference link / Database maintenance
- initial load
- versus scheduled runs / Initial load versus scheduled runs
- about / Initial load versus scheduled runs
- installation, components
- about / Installation
- MIM Synchronization service / The MIM Synchronization service
- System Center Service Manager console / The System Center Service Manager console
- SharePoint Foundation / SharePoint Foundation
- MIM service and the MIM portal / The MIM service and the MIM portal
- MIM Password Reset portal / The MIM Password Reset portal
- MIM certificate management / MIM certificate management
- SCSM management / SCSM management
- SCSM Data Warehouse / SCSM Data Warehouse
- installation order, MIM CM components
- about / Installation order
K
- Kerberos configuration
- about / The Kerberos configuration
- SETSPN / SETSPN
- delegation / Delegation
- Kerberos Constrained Delegation (KCD)
- about / The Kerberos configuration
- Kerberos Delegation
- about / The Kerberos configuration
- Kerberos Version 5 Authentication Protocol
- reference link / Kerberos… oh, what a world!
L
- least-privileged approach
- about / Least-privileged approach
- local machine group policy
- reference link / Configuration and deployment
- logging custom activity
- reference link / Custom activities development
M
- maintenance mode
- disabling / Disabling maintenance mode
- MakeAppx utility
- reference link / Configuration and deployment
- Management Agent (MA)
- about / Least-privileged approach
- HR (SQL Server) / HR (SQL Server)
- Management Agents
- creating / Creating Management Agents
- types / Password synchronization
- Management Agents, creating
- Active Directory / Active Directory
- management policies / Certificate management components
- management policy permission
- about / The management policy permission
- software management policy / The software management policy
- smart card management policy / The smart card management policy
- Management Policy Rule (MPR)
- about / MIM Service request processing
- request-based MPR / The management policy
- set transition MPR / The management policy
- Management Policy Rules (MPRs) / Capacity planning
- modifying, for group management / Modifying MPRs for group management
- manager-initiated model
- about / The manager-initiated model
- member selection feature
- about / Member selection
- manual groups / Manual groups
- manager-based groups / Manager-based groups
- criteria-based groups / Criteria-based groups
- Metaverse attributes
- indexing / Indexing Metaverse attributes
- Metaverse extension DLL
- reference link / Non-declarative provisioning
- Metaverse object deletion logic
- URL / Object deletion in MV
- Metaverse rules extension
- about / The Metaverse rules extension
- Metaverse attributes, indexing / Indexing Metaverse attributes
- run profiles, creating / Creating run profiles
- Microsoft Identity 2016
- history / The history of Microsoft Identity 2016
- Microsoft Identity Integration Server (MIIS)
- Microsoft Management Console (MMC) / Allowing MIM Service to set passwords
- Microsoft Metadirectory Services (MMS)
- MIM
- about / Components at a glance
- components / Components at a glance
- group scope / Group scope and type in MIM
- type / Type
- scope / Scope
- data, synchronizing to SCSM / Synchronizing data from MIM to SCSM
- MIM/FIM Integration
- about / MIM/FIM Integration
- MIM best practices / Best practices concepts
- MIM Certificate Management
- about / MIM Certificate Management
- MIM certificate management (CM)
- installation / Installation and configuration
- configuration / Installation and configuration
- schema, extending / Extending the schema
- configuration wizard / The configuration wizard
- configuration wizard, running / Running the wizard
- certificates backup, obtaining / Backup certificates
- configuration wizard, rerunning / Rerunning the wizard
- MIM CM Update service, configuring / Configuring the MIM CM Update service
- database permissions / Database permissions
- CA, configuring / Configuring the CA
- MIM CM / SQL
- MIM CM permissions
- reference link / Service Connection Point
- MIM CM Audit / Service Connection Point
- MIM CM Enrollment Agent / Service Connection Point
- MIM CM Request Enroll / Service Connection Point
- MIM CM Request Recover / Service Connection Point
- MIM CM Request Renew / Service Connection Point
- MIM CM Request Revoke / Service Connection Point
- MIM CM Request Unblock Smart Card / Service Connection Point
- MIM components
- about / Components at a glance
- MIM licensing
- MIM PAM sample portal
- reference link / The sample PAM portal
- MIM Portal
- about / MIM Portal and Service
- used, for self-service / Self-service using MIM Portal
- used, for allowing managers for direct report viewing / Managers can see direct reports
- users, allowing for own attribute management / Allowing users to manage their own attributes
- MIM portal
- banner and logo / Understanding the portal and UI
- navigation bar / Understanding the portal and UI
- homepage center region / Understanding the portal and UI
- search scopes / Understanding the portal and UI
- Homepage Right / Understanding the portal and UI
- portal configuration / Portal configuration
- navigation bar resource / The navigation bar resource
- best practices / MIM portal best practices
- updates, reference link / Other best practices
- best practices, reference link / Other best practices
- MIM reporting
- about / MIM Reporting
- MIM Reporting
- reference link / Modifying reports
- MIM reports
- viewing / Looking at reports
- read access, granting to users / Allowing users to read reports
- modifying / Modifying reports
- TechNet article. reference link / Modifying reports
- MIM service
- PAM, using / PAM in the MIM service
- MIM Service / SQL
- about / MIM Portal and Service
- allowing, to set passwords / Allowing MIM Service to set passwords
- configuring / Configuring MIM Service
- MIM service DB
- restoring / Restoring the MIM service DB and portal
- MIM Service Management Agent
- about / The MIM Service Management Agent, The MIM Service MA
- FIM Service MA, creating / Creating the FIM Service MA
- filtering accounts / The MIM MA filtering accounts
- MIM Service request processing
- about / MIM Service request processing
- management policy / The management policy
- service partitions / Service partitions
- included authentication / Included authentication, authorization, and action activities
- authorization / Included authentication, authorization, and action activities
- authentication activities / Authentication activities
- authorization activities / Authorization activities
- action activities / Action activities
- MIM service requests failures
- about / MIM service request failures
- MIM Service schema
- MIM synchronization
- best practices / MIM synchronization best practices
- MIM synchronization DB
- restoring / Restoring the MIM synchronization DB
- MIM Synchronization interface
- about / MIM Synchronization interface
- MIM Synchronization Service
- about / MIM Synchronization Service
- MIM Sync schema
- versus MIM Service schema / MIM Sync versus MIM Service schema
- about / MIM Sync versus MIM Service schema
- MIM updates
- reference link / Preparing TFC
- model loader
- reference link / Organizational units
- Modern App
- deployment / Configuration and deployment
- configuration / Configuration and deployment
- multi-factor authentication (MFA)
- about / Multi-factor authentication
- reference link / Multi-factor authentication
- multiforest configuration
- about / Multiforest configuration
- CM DNS, setting up / Step 1 – CM DNS setup
- CM domain trust and configuration / Step 2 – CM domain trust and configuration
- CM forest configuration / Step 3 – CM forest configuration
- CM enrollment configuration / Step 4 – CM enrollment configuration
- multi step
- about / Single or multi step
- MV
- object deletion / Object deletion in MV
N
- nonadmins
- reference link / Configuration and deployment
- notification mechanism, MIMC
- reference / Creating the profile
O
- One Time Password (OTP) / Certificate management components
- operational health / Operational health
- operation statistics
- about / Operation statistics
- OTP gate
- versus QA gate / QA versus OTP
- about / The OTP gate
- One-Time Password Email Gate / The OTP gate
- One-Time Password SMS Gate / The OTP gate
- outbound synchronization rules
- about / Outbound synchronization rules
- Outbound Synchronization Policy / Outbound Synchronization Policy
- Outbound System Scoping Filter / Outbound System Scoping Filter
- Detected Rule Entry (DRE) / Detected Rule Entry
P
- PAM
- deploying / Why deploy PAM?
- components / PAM components
- working / How does it work?
- system requirements / System requirements
- reference link / System requirements
- deployment considerations, reference link / Considerations
- considerations / Considerations
- installing / Installing PAM
- PowerShell cmdlets, installing / Installing PAM PowerShell cmdlets
- permissions / DNS, trust, and permissions
- DNS / DNS, trust, and permissions
- trust / DNS, trust, and permissions
- roles / Privileged groups, users, and roles
- privileged groups / Privileged groups, users, and roles
- users / Privileged groups, users, and roles
- groups / Privileged groups, users, and roles
- using, in MIM service / PAM in the MIM service
- PAM components
- Active Directory management forest / PAM components
- about / PAM components
- PAM Client / PAM components
- MIM service / PAM components
- MIM database / PAM components
- PAM services / PAM components
- PAM REST API / PAM components
- PAM component service / PAM components
- PAM monitoring service / PAM components
- PAM disaster recovery
- reference link / Backup and restore
- PAM server
- preparing / Preparing the PAM server
- Password Change Notification Service
- about / Password Change Notification Service
- configuring / Password Change Notification Service
- password change notification service (PCNS)
- password management
- enabling, in AD / Enabling password management in AD
- password reset
- about / Password reset
- Password Reset AuthN workflow
- about / Password Reset AuthN workflow
- Password Reset Users Set
- about / Password Reset Users Set
- password synchronization
- about / Password synchronization
- enabling / Password synchronization
- Phone gate
- about / SSPR background, The Phone gate
- phone system
- users, managing / Managing users in a phone system
- placeholder tags
- reference link / Attestation
- plugins, MIMC
- reference / Creating the profile
- policies
- reference link / The smart card management policy
- portal
- basic structure / Understanding the portal and UI
- search scopes / Search scopes
- filter permissions / Filter permissions
- Resource Control Display Configurations (RCDCs) / Resource Control Display Configurations
- customizing, reference link / Resource Control Display Configurations
- custom activities development / Custom activities development
- restoring / Restoring the MIM service DB and portal
- portal MPRs
- using, for user management / Portal MPRs for user management
- post-installation configuration
- about / Post-installation configuration
- MIM service access, granting to MIM Sync / Granting the MIM service access to MIM Sync
- MIM Service mailbox, securing / Securing the MIM Service mailbox
- indexing, disabling in SharePoint / Disabling indexing in SharePoint
- IdentityManagement, redirecting to / Redirecting to IdentityManagement
- Kerberos, enforcing / Enforcing Kerberos
- editing binding in IIS, for MIM Password sites / Editing binding in IIS for MIM Password sites
- SCSM manager, registering in Data Warehouse / Registering the SCSM manager in data warehouse
- MIM post-install scripts, for Data Warehouse / MIM post-install scripts for data warehouse
- precedence / Synchronization rule
- prerequisites, MIM CM components
- about / Prerequisites
- databases / Databases
- web servers / Web servers
- MIM Service accounts and groups / MIM Service accounts and groups
- Kerberos configuration / The Kerberos configuration
- PRIV
- preparing / Preparing PRIV
- Privilege Access Management (PAM)
- about / Privilege Access Management
- privileged administrative workstations (PAW)
- about / Considerations
- reference link / Considerations
- production
- maintenance mode / Maintenance mode for production
- profile details / Certificate management components
- provisioning
- about / Provisioning
- non-declarative provisioning / Non-declarative provisioning
- Public Key Infrastructure (PKI)
- reference link / What is certificate management?
- design, reference link / What is certificate management?
- public key infrastructure (PKI)
- about / Highly privileged accounts (HPA)
Q
- QA gate
- versus OTP gate / QA versus OTP
- configuring / Configuring the QA gate
R
- Recipient Update Service (RUS) / Exchange 2007
- Remote Procedure Call (RPC) Servicel
- reference link / Kerberos… oh, what a world!
- Remote Server Administration Tools (RSAT)
- reference link / Privileged groups, users, and roles
- Replicating Directory Changes
- about / Directory replication
- Report Definition Language (RDL)
- about / Modifying reports
- request / MIM Service request processing
- request processing model
- reference link / The management policy
- RequestZipLookupActivity.cs
- code, reference link / Custom activities development
- reserved keywords
- reference link / Creating the generic SQL connector for the BHOLD orgunit
- Resource Control Display Configuration (RCDC) / Access Management Connector
- Resource Control Display Configurations (RCDCs) / Resource Control Display Configurations
- XML reference link / Resource Control Display Configurations
- REST API, for CM
- reference / Modern app and TPM virtual smart card
- role-based access control
- about / Role-based access control
- BHOLD role model objects / BHOLD role model objects
- roles
- separating / eparating roles
- databases / Databases
- MIM features / MIM features
- rule extension debugging
- rule extension logging
- rules extension
- creating / Creating a rules extension
- run profile guidance
- reference link / Automating run profiles
- run profiles
- creating / Creating run profiles
- automating / Automating run profiles
- run profiles, creating
- single step / Single or multi step
- multi step / Single or multi step
S
- sample PAM portal
- download link / The sample PAM portal
- about / The sample PAM portal
- scenario
- setting up / Our scenario
- TFC, preparing / Preparing TFC
- PRIV, preparing / Preparing PRIV
- PAM server, preparing / Preparing the PAM server
- scheduled runs
- schema management
- about / Schema management
- object deletion, in MV / Object deletion in MV
- SCSM
- data, synchronizing from MIM to / Synchronizing data from MIM to SCSM
- SCSM 2010 TechNet site
- URL / SQL aliases
- SCSM Disaster Recovery Guide
- reference link / Backup and restore
- SCSM ETL process
- about / The SCSM ETL process
- initial step / The SCSM ETL process
- initial-partial step / The SCSM ETL process
- incremental step / The SCSM ETL process
- SCSM setup
- verifying / Verifying the SCSM setup
- SCSM setup, verifying
- data synchronization, from MIM to SCSM / Synchronizing data from MIM to SCSM
- data, from MIM to SCSM / Synchronizing data from MIM to SCSM
- security context
- reference / Password Reset AuthN workflow
- security groups
- synchronization rule / Synchronization rule
- synchronization rule, reference link / Synchronization rule
- MIMCM-Helpdesk / Creating service accounts
- MIMCM-Managers / Creating service accounts
- Subscribers / Creating service accounts
- self-service model
- about / The self-service model
- separation of duties (SoD) / Role-based access control
- Service Connection Point (SCP) / Certificate management components, Service Connection Point
- Service Level Agreement (SLA) / Web servers
- Service Principal Names (SPN) / Step 1 – the CM installation and prerequisites
- Service Principle Names (SPNs) / Preparing PRIV
- service schema
- reference link / The MIM Service Management Agent
- SharePoint Foundation 2010 Backup and Recovery
- reference link / Restoring the MIM service DB and portal
- SharePoint Foundation 2013 Backup and Recovery
- reference link / Restoring the MIM service DB and portal
- SID (Security ID) / Managing groups in AD
- SID History migration
- reference link / Preparing TFC
- Sign Tool
- reference link / Configuration and deployment
- simple data problem / A simple data problem
- single step
- about / Single or multi step
- SQL best practices / SQL best practices
- SQL MA
- creating / Creating an SQL MA
- SQL Management Agents (MAs) / SQL aliases
- SQL Server collations
- URL / Collation and languages
- SQL Server Integration Services (SSIS) / SQL
- SSPR
- about / SSPR background
- installing / Installing self-service password reset
- re-registering / Require re-registration
- user experience / The SSPR user experience
- SSPR lockout
- about / SSPR lockout
- SSPR MPRs
- enabling / SSPR MPRs
- state-based processing
- reference link / Additional sync engine information
- support, for Non-MIM CM
- about / Using support for Non-MIM CM
- software certificate, creating / Creating the software certificate
- profile, creating / Creating the profile
- scenario, testing / Testing the scenario
- synchronization encryption key
- backing up / Backing up the synchronization encryption key
- synchronization rule, Exchange
- about / Synchronization rules for Exchange
- mailbox users / Mailbox users
- mail-enabled users / Mail-enabled users
- System requirements for System Center 2012 R2
- reference link / Modifying reports
T
- TechNet
- reference link / Preparing TFC, Preparing PRIV, Automating run profiles
- TechNet site
- URL / Collation and languages
- temporal sets
- about / Temporal sets
- TFC
- preparing / Preparing TFC
- TFC Users
- about / Least-privileged approach
- TPM virtual smart card
- about / Modern app and TPM virtual smart card
- certificate template, creating / Creating a certificate template
- profile, creating / Creating the profile
- scenario, testing / Testing the scenario
- TpmVscMgr command
- reference / Testing the scenario
- troubleshooting
- basics / The basics
- two-way trusts
- reference / Step 2 – CM domain trust and configuration
U
- UI
- about / Understanding the portal and UI
- usage keywords / The navigation bar resource
- example, reference link / Search scopes
- userAccountControl attribute
- about / The userAccountControl attribute
- reference link / The userAccountControl attribute
- user experience
- about / User experience
- user management
- portal MPRs, using / Portal MPRs for user management
- sets, configuring / Configuring sets for user management
- considerations / More considerations
- users, Active Directory (AD)
- managing / Managing users in Active Directory
- userAccountControl attribute / The userAccountControl attribute
- provisioning / Provisioning users to Active Directory
- inbound synchronization / Inbound synchronization from AD
- users, provisioning to Active Directory (AD)
- about / Provisioning users to Active Directory
- outbound synchronization rule, creating / Synchronization rule
- set, creating / Creating the set
- workflow, setting up / Setting up the workflow
- MPR, creating / Creating the MPR
W
- web servers
- about / Web servers
- MIM Portal / MIM Portal
- MIM password reset / MIM password reset
- MIM Certificate Management / MIM Certificate Management
- Windows Management Instrumentation (WMI) / Allowing MIM Service to set passwords
- workflow / Outbound Synchronization Policy