Book Image

Microsoft Forefront Identity Manager 2010 R2 Handbook

By : Kent Nordstrom
Book Image

Microsoft Forefront Identity Manager 2010 R2 Handbook

By: Kent Nordstrom

Overview of this book

Microsoft's Forefront Identity Manager simplifies enterprise identity management for end users by automating admin tasks and integrating the infrastructure of an enterprise with strong authentication systems. The "Microsoft Forefront Identity Manager 2010 R2 Handbook" is an in-depth guide to Identity Management. You will learn how to manage users and groups and implement self-service parts. This book also covers basic Certificate Management and troubleshooting. Throughout the book we will follow a fictional case study. You will see how to implement IM and also set up Smart Card logon for strong administrative accounts within Active Directory. You will learn to implement all the features of FIM 2010 R2. You will see how to install a complete FIM 2010 R2 infrastructure including both test and production environment. You will be introduced to Self-Service management of both users and groups. FIM Reports to audit the identity management lifecycle are also discussed in detail. With the "Microsoft Forefront Identity Manager 2010 R2 Handbook" you will be able implement and manage FIM 2010 R2 almost effortlessly.

Related Content you might be interested in

Current Title:

Small book image
Microsoft Forefront Identity Manager 2010 R2 Handbook
Kent Nordstrom
Aug, 2012 | 446 pages
No titles found
Table of Contents (21 chapters)
Microsoft Forefront Identity Manager 2010 R2 Handbook
Microsoft Forefront Identity Manager 2010 R2 Handbook
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
The Story in this Book
The Story in this Book
The Company
The challenges
The solutions
The environment
Moving forward
Summary

2
Overview of FIM 2010 R2
Overview of FIM 2010 R2
The history of FIM 2010 R2
FIM Synchronization Service (FIM Sync)
FIM Service
FIM Portal
FIM Reporting
FIM Certificate Management (FIM CM)
Licensing
Summary
3
Installation
Installation
Development versus production
Capacity planning
Separating roles
Hardware
Installation order
Prerequisites
Installation
Post-installation configuration
Summary
4
Basic Configuration
Basic Configuration
Creating Management Agents
Schema management
FIM Service MA
Initial load versus scheduled runs
Moving configuration from development to production
Summary
5
User Management
User Management
Modifying MPRs for user management
Configuring sets for user management
Inbound synchronization rules
Outbound synchronization rules
Provisioning
Managing users in a phone system
Managing users in Active Directory
Temporal Sets
Self-service using the FIM portal
Managing Exchange
Summary
6
Group Management
Group Management
Group scope and types
Installing client add-ins
Modifying MPRs for group management
Creating and managing distribution groups
Importing groups from HR
FIM Service and Metaverse
Managing groups in AD
Summary
7
Self-service Password Reset
Self-service Password Reset
Anonymous request
Enabling password management in AD
Allowing FIM Service to set passwords
Configuring FIM Service
The user experience
Summary
8
Using FIM to Manage Office 365 and Other Cloud Identities
Using FIM to Manage Office 365 and Other Cloud Identities
Overview of Office 365
Summary
9
Reporting
Reporting
Verifying the SCSM setup
Default reports
The SCSM ETL process
Looking at reports
Modifying the reports
Summary
10
FIM Portal Customization
FIM Portal Customization
Components of the UI
Portal Configuration
Navigation Bar Resource
Search scopes
Filter Permissions
RCDC
Summary
11
Customizing Data Transformations
Customizing Data Transformations
Our options
Managing Lync
Selective deprovisioning
The case with the strange roles
Summary
12
Issuing Smart Cards
Issuing Smart Cards
Our scenario
Extending the schema
The configuration wizard
Configuring the FIM CM Update Service
Database permissions
Configuring the CA
Installing the FIM CM client
FIM CM permissions
Allowing managers to issue certificates for consultants
RDP using Smart Cards
CM Management Agent
Summary
13
Troubleshooting
Troubleshooting
Reminder
Troubleshooting
Backup and restore
Summary
Afterword
Afterword
Index
Index

Filter Permissions

Filter Permissions are not so much about UI change, but they will affect how the UI behaves. Filter Permissions define which attributes we can use when defining filters for Sets and Groups.

Let's say you have added a new attribute to the schema called Employee Status and would like to create a set with all the users that have Employee Status = Active. Well this cannot be done, unless you add Employee Status to the correct Filter Permission object.

If we would like non-administrator users to be able to define this filter, we will need to add it to the Non-Administrator Filter Permission object. This is, however, not very common unless users can create dynamic groups.

Typically, the filters are changed by the administrators, after which we need to add the attribute to the Allowed Attributes list in Administrator Filter Permission.

Previous Section
End of Section 6
Next Section