Book Image

Microsoft Forefront Identity Manager 2010 R2 Handbook

By : Kent Nordstrom
Book Image

Microsoft Forefront Identity Manager 2010 R2 Handbook

By: Kent Nordstrom

Overview of this book

Microsoft's Forefront Identity Manager simplifies enterprise identity management for end users by automating admin tasks and integrating the infrastructure of an enterprise with strong authentication systems. The "Microsoft Forefront Identity Manager 2010 R2 Handbook" is an in-depth guide to Identity Management. You will learn how to manage users and groups and implement self-service parts. This book also covers basic Certificate Management and troubleshooting. Throughout the book we will follow a fictional case study. You will see how to implement IM and also set up Smart Card logon for strong administrative accounts within Active Directory. You will learn to implement all the features of FIM 2010 R2. You will see how to install a complete FIM 2010 R2 infrastructure including both test and production environment. You will be introduced to Self-Service management of both users and groups. FIM Reports to audit the identity management lifecycle are also discussed in detail. With the "Microsoft Forefront Identity Manager 2010 R2 Handbook" you will be able implement and manage FIM 2010 R2 almost effortlessly.

Related Content you might be interested in

Current Title:

Small book image
Microsoft Forefront Identity Manager 2010 R2 Handbook
Kent Nordstrom
Aug, 2012 | 446 pages
No titles found
Table of Contents (21 chapters)
Microsoft Forefront Identity Manager 2010 R2 Handbook
Microsoft Forefront Identity Manager 2010 R2 Handbook
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
The Story in this Book
The Story in this Book
The Company
The challenges
The solutions
The environment
Moving forward
Summary

2
Overview of FIM 2010 R2
Overview of FIM 2010 R2
The history of FIM 2010 R2
FIM Synchronization Service (FIM Sync)
FIM Service
FIM Portal
FIM Reporting
FIM Certificate Management (FIM CM)
Licensing
Summary
3
Installation
Installation
Development versus production
Capacity planning
Separating roles
Hardware
Installation order
Prerequisites
Installation
Post-installation configuration
Summary
4
Basic Configuration
Basic Configuration
Creating Management Agents
Schema management
FIM Service MA
Initial load versus scheduled runs
Moving configuration from development to production
Summary
5
User Management
User Management
Modifying MPRs for user management
Configuring sets for user management
Inbound synchronization rules
Outbound synchronization rules
Provisioning
Managing users in a phone system
Managing users in Active Directory
Temporal Sets
Self-service using the FIM portal
Managing Exchange
Summary
6
Group Management
Group Management
Group scope and types
Installing client add-ins
Modifying MPRs for group management
Creating and managing distribution groups
Importing groups from HR
FIM Service and Metaverse
Managing groups in AD
Summary
7
Self-service Password Reset
Self-service Password Reset
Anonymous request
Enabling password management in AD
Allowing FIM Service to set passwords
Configuring FIM Service
The user experience
Summary
8
Using FIM to Manage Office 365 and Other Cloud Identities
Using FIM to Manage Office 365 and Other Cloud Identities
Overview of Office 365
Summary
9
Reporting
Reporting
Verifying the SCSM setup
Default reports
The SCSM ETL process
Looking at reports
Modifying the reports
Summary
10
FIM Portal Customization
FIM Portal Customization
Components of the UI
Portal Configuration
Navigation Bar Resource
Search scopes
Filter Permissions
RCDC
Summary
11
Customizing Data Transformations
Customizing Data Transformations
Our options
Managing Lync
Selective deprovisioning
The case with the strange roles
Summary
12
Issuing Smart Cards
Issuing Smart Cards
Our scenario
Extending the schema
The configuration wizard
Configuring the FIM CM Update Service
Database permissions
Configuring the CA
Installing the FIM CM client
FIM CM permissions
Allowing managers to issue certificates for consultants
RDP using Smart Cards
CM Management Agent
Summary
13
Troubleshooting
Troubleshooting
Reminder
Troubleshooting
Backup and restore
Summary
Afterword
Afterword
Index
Index

Our scenario

FIM CM can be used in many ways, but to show you a little bit about how we can use its basics, The Company will use it to allow managers (like John) to issue Smart Cards to consultants (like Kent).

For reference purposes I give you, once again, the FIM CM overview image I showed you in Chapter 2, Overview of FIM 2010 R2:

We have also, in Chapter 3, Installation, discussed how to install the FIM CM website. But with that we have only just begun our FIM CM deployment. So, let's move on and take a good look at FIM CM.

Assurance level

When discussing PKI (Public Key Infrastructure) and Smart Cards, you usually need to have some discussion about what level of assurance you would like for the identities secured by your PKI.

For some basic insight on PKI and assurance, please have a look at http://aka.ms/CorePKI.

In typical scenarios, many PKI designers will argue that you should use HSMs (Hardware Security Modules) to secure your PKI, in order to get the assurance level to use Smart Cards...

Previous Section
End of Section 2
Next Section