ForeFront Identity Manager 2010

GOPAS
TECHED 2012
Ing. Ondřej Ševeček | GOPAS a.s. |
MCM: Directory Services | MVP: Enterprise Security |
ondrej@sevecek.com | www.sevecek.com |
FOREFRONT IDENTITY MANAGER
2010
Forefront Identity Manager 2010
OVERVIEW
Forefront Identity Manager
 Identity Management
 syncing AD/LDS/SQL/etc. database contents
 identity centered
 Automatic group management
 attribute values
 manager
 user self service
 Web portal user/group management
 SharePoint based
 Self service password reset
 web based and GUI extension
Identity?
 User
 Group
 table, cabinet, pc, car, ...
History
 Identity Integration Server 2003 (MIIS 2003)
 Identity Lifecycle Manager 2007 (ILM 2007)
 MIIS 2003 + CLM 2007
 Forefront Identity Manager 2010 (FIM 2010)
 Forefront Identity Manager 2010 R2
Price?
 5000 USD per CPU socket
 80 USD per managed identity
Forefront Identity Manager
 FIM Synchronization service
 syncing AD/LDS/SQL/etc. database contents
 identity centered
 FIM Service
 attribute values
 manager
 user self service
 FIM Portal
 SharePoint based
 Self service password registration and reset
 web based and GUI extension
Forefront Identity Manager 2010
COMPONENT DETAILS
FIM Synchronization
[diagram: AD, AD LDS and SQL databases connected through AD MA, ADLDS MA, SQL MA and DB MA into the FIM Sync Metaverse]
FIM Service and Portal Idea
[diagram: AD, AD LDS and SQL connected through AD MA, ADLDS MA and SQL MA into the FIM Sync Metaverse, with FIM Service and the SharePoint Portal alongside]
FIM Service Management
[diagram: FIM Service with its FIM SVC DB connected through FIM MA into the FIM Sync Metaverse, next to AD MA, ADLDS MA and SQL MA]
FIM Portal
[diagram: SharePoint Portal in front of FIM Service and FIM SVC DB, connected through FIM MA into the FIM Sync Metaverse together with AD MA, ADLDS MA and SQL MA]
Forefront Identity Manager 2010
FIM SERVICE AND PORTAL
MANAGEMENT SCENARIOS
AD Object Management
 Manual group membership
 scripting
 Permission based delegation
 OU hierarchy
 using “static” groups
 no attribute validation
AD Object Management Example
 Prague managers can reset passwords for OU=Prague
 Sales manager can change department for all users in OU=Sales and OU=Marketing
 Sales manager can change group membership of the Sales IS group
 Users cannot reset their own passwords anonymously
FIM Management
 Dynamic group membership
 attribute query based
 manager based
 Policy based delegation
 group membership
 attribute value based
 attribute validation
FIM Management Examples
 Sales manager can change department for all users in OU=Sales and OU=Marketing
 but only from Marketing to Sales
 Users can reset their own passwords anonymously
 after providing answers to several questions
FIM Management Examples
 CZ Users can change their own telephone
 but the format must be +420...
 CZ Users can change their own city
 but the result must still be a CZ User
 School director can change the department of his students
 but the students must remain in the same school
 Sales manager can change group members of the Sales IS group
 but can add only his own users
FIM Management Examples
 We have a Sales Management group which contains several sales managers
 Every sales user is assigned one of the sales managers
 We can create a group that would contain all Sales people
 a group whose members are those people whose manager is a member of the Sales Management group
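The policy ideas on the last three slides (a dynamic group derived from manager membership, attribute validation, and delegation limited to a manager's own users) as an added Python example; this is not FIM's own configuration or the presenter's code, and the directory, city list and group names are constructed for illustration.

```python
import re

CZ_CITIES = {"Prague", "Brno", "Ostrava"}   # constructed: defines who counts as a CZ User

# Constructed sample directory (not from the slides): account -> attributes.
USERS = {
    "jan":   {"city": "Prague", "dept": "Marketing", "manager": "petra", "phone": "+420111222333"},
    "eva":   {"city": "Brno",   "dept": "Sales",     "manager": "petra", "phone": "+420444555666"},
    "tom":   {"city": "London", "dept": "Sales",     "manager": "mark",  "phone": "+44111222333"},
    "petra": {"city": "Prague", "dept": "Sales",     "manager": None,    "phone": "+420777888999"},
    "mark":  {"city": "London", "dept": "Sales",     "manager": None,    "phone": "+44999888777"},
}
SALES_MANAGEMENT = {"petra", "mark"}   # a static group, maintained by hand

def cz_users(users):
    """Attribute-query set: CZ Users are those whose city is a Czech city."""
    return {u for u, a in users.items() if a["city"] in CZ_CITIES}

def sales_people(users, managers=SALES_MANAGEMENT):
    """Dynamic group: everyone whose manager is a member of Sales Management."""
    return {u for u, a in users.items() if a["manager"] in managers}

def check_change(users, requestor, target, attr, new_value):
    """Policy decision for a requested attribute change; returns (allowed, reason).
    The 'after' state is evaluated as well, so a change cannot move a user out of
    the set that granted the permission in the first place."""
    before = users[target]
    after = dict(before, **{attr: new_value})
    if requestor == target and target in cz_users(users):           # self-service for CZ Users
        if attr == "phone":
            ok = re.fullmatch(r"\+420\d{9}", new_value) is not None
            return ok, "ok" if ok else "phone must be +420 followed by nine digits"
        if attr == "city":
            ok = after["city"] in CZ_CITIES
            return ok, "ok" if ok else "result would no longer be a CZ User"
    if requestor in SALES_MANAGEMENT and attr == "dept":            # delegated to sales managers
        ok = before["dept"] == "Marketing" and new_value == "Sales"
        return ok, "ok" if ok else "only Marketing -> Sales transitions are delegated"
    return False, "no policy grants this change"

def check_add_member(users, requestor, target):
    """Sales IS group: a sales manager may add only his own direct reports."""
    ok = requestor in SALES_MANAGEMENT and users[target]["manager"] == requestor
    return ok, "ok" if ok else "can add only users whose manager is the requestor"
```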
THANK YOU!