Book Image

Microsoft Forefront Identity Manager 2010 R2 Handbook

By : Kent Nordstrom
Book Image

Microsoft Forefront Identity Manager 2010 R2 Handbook

By: Kent Nordstrom

Overview of this book

Microsoft's Forefront Identity Manager simplifies enterprise identity management for end users by automating admin tasks and integrating the infrastructure of an enterprise with strong authentication systems. The "Microsoft Forefront Identity Manager 2010 R2 Handbook" is an in-depth guide to Identity Management. You will learn how to manage users and groups and implement self-service parts. This book also covers basic Certificate Management and troubleshooting. Throughout the book we will follow a fictional case study. You will see how to implement IM and also set up Smart Card logon for strong administrative accounts within Active Directory. You will learn to implement all the features of FIM 2010 R2. You will see how to install a complete FIM 2010 R2 infrastructure including both test and production environment. You will be introduced to Self-Service management of both users and groups. FIM Reports to audit the identity management lifecycle are also discussed in detail. With the "Microsoft Forefront Identity Manager 2010 R2 Handbook" you will be able implement and manage FIM 2010 R2 almost effortlessly.

Related Content you might be interested in

Current Title:

Small book image
Microsoft Forefront Identity Manager 2010 R2 Handbook
Kent Nordstrom
Aug, 2012 | 446 pages
No titles found
Table of Contents (21 chapters)
Microsoft Forefront Identity Manager 2010 R2 Handbook
Microsoft Forefront Identity Manager 2010 R2 Handbook
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
The Story in this Book
The Story in this Book
The Company
The challenges
The solutions
The environment
Moving forward
Summary

2
Overview of FIM 2010 R2
Overview of FIM 2010 R2
The history of FIM 2010 R2
FIM Synchronization Service (FIM Sync)
FIM Service
FIM Portal
FIM Reporting
FIM Certificate Management (FIM CM)
Licensing
Summary
3
Installation
Installation
Development versus production
Capacity planning
Separating roles
Hardware
Installation order
Prerequisites
Installation
Post-installation configuration
Summary
4
Basic Configuration
Basic Configuration
Creating Management Agents
Schema management
FIM Service MA
Initial load versus scheduled runs
Moving configuration from development to production
Summary
5
User Management
User Management
Modifying MPRs for user management
Configuring sets for user management
Inbound synchronization rules
Outbound synchronization rules
Provisioning
Managing users in a phone system
Managing users in Active Directory
Temporal Sets
Self-service using the FIM portal
Managing Exchange
Summary
6
Group Management
Group Management
Group scope and types
Installing client add-ins
Modifying MPRs for group management
Creating and managing distribution groups
Importing groups from HR
FIM Service and Metaverse
Managing groups in AD
Summary
7
Self-service Password Reset
Self-service Password Reset
Anonymous request
Enabling password management in AD
Allowing FIM Service to set passwords
Configuring FIM Service
The user experience
Summary
8
Using FIM to Manage Office 365 and Other Cloud Identities
Using FIM to Manage Office 365 and Other Cloud Identities
Overview of Office 365
Summary
9
Reporting
Reporting
Verifying the SCSM setup
Default reports
The SCSM ETL process
Looking at reports
Modifying the reports
Summary
10
FIM Portal Customization
FIM Portal Customization
Components of the UI
Portal Configuration
Navigation Bar Resource
Search scopes
Filter Permissions
RCDC
Summary
11
Customizing Data Transformations
Customizing Data Transformations
Our options
Managing Lync
Selective deprovisioning
The case with the strange roles
Summary
12
Issuing Smart Cards
Issuing Smart Cards
Our scenario
Extending the schema
The configuration wizard
Configuring the FIM CM Update Service
Database permissions
Configuring the CA
Installing the FIM CM client
FIM CM permissions
Allowing managers to issue certificates for consultants
RDP using Smart Cards
CM Management Agent
Summary
13
Troubleshooting
Troubleshooting
Reminder
Troubleshooting
Backup and restore
Summary
Afterword
Afterword
Index
Index

Troubleshooting

Depending on the part where we see the failure and the type of failure, the first problem is to isolate where the problem is.

Let's look at an example. If a user reports that he is unable to reset his password using his Windows client, there are a number of errors that might have occurred, such as:

  • The client is missing the add-ins and extensions

  • The add-ins and extensions are not configured correctly

  • The user is not part of the required set

  • The MPR is misconfigured

  • The workflow activity is not working

  • FIM Service is missing some permissions in FIM Sync

  • The AD MA is not configured correctly

  • FIM Sync is unable to reset the password on the DC

  • The DCs are not replicating as expected

A long list, and I have probably still missed some. What I am trying to show is that we need quite a bit of information about the error, in order to narrow down where the problem lies.

I will not be able to give you a complete guide to all scenarios, I won't even try. Instead I will give you some common errors...

Previous Section
End of Section 3
Next Section