Microsoft Identity Manager 2016 Handbook
eBook - ePub

  1. 692 pages
  2. English
  3. ePUB (mobile friendly)
  4. Available on iOS & Android

About this book

A complete handbook on Microsoft Identity Manager 2016 – from design considerations to operational best practices

About This Book

  • Get to grips with the basics of identity management and get acquainted with the MIM components and functionalities
  • Discover the newly-introduced product features and how they can help your organization
  • A step-by-step guide to enhance your foundational skills in using Microsoft Identity Manager from those who have taught and supported large and small enterprise customers

Who This Book Is For

If you are an architect or a developer who wants to deploy, manage, and operate Microsoft Identity Manager 2016, then this book is for you. This book will also help the technical decision makers who want to improve their knowledge of Microsoft Identity Manager 2016. A basic understanding of Microsoft-based infrastructure using Active Directory is expected. Identity management beginners and experts alike will be able to apply the examples and scenarios to solve real-world customer problems.

What You Will Learn

  • Install MIM components
  • Find out about the MIM synchronization, its configuration settings, and advantages
  • Get to grips with the MIM service capabilities and develop custom activities
  • Use the MIM Portal to provision and manage an account
  • Mitigate access escalation and lateral movement risks using privileged access management
  • Configure client certificate management and its detailed permission model
  • Troubleshoot MIM components by enabling logging and reviewing logs
  • Back up and restore the MIM 2015 configuration
  • Discover more about periodic purging and the coding best practices

In Detail

Microsoft Identity Manager 2016 is Microsoft's solution to identity management. When fully installed, the product utilizes SQL, SharePoint, IIS, web services, the .NET Framework, and SCSM to name a few, allowing it to be customized to meet nearly every business requirement.

The book is divided into 15 chapters and begins with an overview of the product, what it does, and what it does not do. To better understand the concepts in MIM, we introduce a fictitious company and their problems and goals, then build an identity solution to fit those goals. Over the course of this book, we cover topics such as MIM installation and configuration, user and group management options, self-service solutions, role-based access control, reducing security threats, and finally operational troubleshooting and best practices.

By the end of this book, you will have gained the necessary skills to deploy, manage and operate Microsoft Identity Manager 2016 to meet your business requirements and solve real-world customer problems.

Style and approach

The concepts in the book are explained and illustrated with the help of screenshots as much as possible. We strive for readability and provide you with step-by-step instructions on the installation, configuration, and operation of the product.

Throughout the book, you will be provided on-the-field knowledge that you won't get from whitepapers and help files.


Table of Contents

Microsoft Identity Manager 2016 Handbook
Credits
About the Authors
About the Reviewers
www.PacktPub.com
eBooks, discount offers, and more
Why subscribe?
Instant updates on new Packt books
Preface
The story in this book
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Downloading the color images of this book
Errata
Piracy
Questions
1. Overview of Microsoft Identity Manager 2016
The Financial Company
The challenges
Provisioning of users
The identity life cycle procedures
Highly privileged accounts (HPA)
Password management
Traceability
The environment
Moving forward
The history of Microsoft Identity 2016
Components at a glance
MIM Synchronization Service
MIM Portal and Service
MIM Certificate Management
Role-Based Access Control (RBAC) with BHOLD
MIM Reporting
Privilege Access Management
Licensing
Summary
2. Installation
Capacity planning
Separating roles
Databases
MIM features
Hardware
Installation order
Prerequisites
Databases
Collation and languages
SQL aliases
SQL
SCSM
Web servers
MIM Portal
MIM password reset
MIM Certificate Management
MIM Service accounts and groups
The Kerberos configuration
SETSPN
Delegation
Installation
The MIM Synchronization service
The System Center Service Manager console
SharePoint Foundation
The MIM service and the MIM portal
The MIM Password Reset portal
MIM certificate management
SCSM management
SCSM Data Warehouse
Post-installation configuration
Granting the MIM service access to MIM Sync
Securing the MIM Service mailbox
Disabling indexing in SharePoint
Redirecting to IdentityManagement
Enforcing Kerberos
Editing binding in IIS for MIM Password sites
Registering the SCSM manager in data warehouse
MIM post-install scripts for data warehouse
Summary
3. MIM Sync Configuration
MIM Synchronization interface
Creating Management Agents
Active Directory
Least-privileged approach
Directory replication
Password reset
Creating AD MA
HR (SQL Server)
Creating an SQL MA
Creating a rules extension
The Metaverse rules extension
Indexing Metaverse attributes
Creating run profiles
Single or multi step
Schema management
MIM Sync versus MIM Service schema
Object deletion in MV
Initial load versus scheduled runs
Maintenance mode for production
Disabling maintenance mode
Summary
4. MIM Service Configuration
MIM Service request processing
The management policy
Service partitions
Included authentication, authorization, and action activities
Authentication activities
Authorization activities
Action activities
The MIM Service Management Agent
The MIM Service MA
Creating the FIM Service MA
The MIM MA filtering accounts
Understanding the portal and UI
Portal configuration
The navigation bar resource
Search scopes
Filter permissions
Resource Control Display Configurations
Custom activities development
Summary
5. User Management
Additional sync engine information
Portal MPRs for user management
Configuring sets for user management
Inbound synchronization rules
Outbound synchronization rules
Outbound Synchronization Policy
Outbound System Scoping Filter
Detected Rule Entry
Provisioning
Non-declarative provisioning
Managing users in a phone system
Managing users in Active Directory
The userAccountControl attribute
Provisioning users to Active Directory
Synchronization rule
Creating the set
Setting up the workflow
Creating the MPR
Inbound synchronization from AD
Temporal sets
Self-service using MIM Portal
Managers can see direct reports
Allowing users to manage their own attributes
Managing Exchange
Exchange 2007
Exchange 2010 and later
Synchronization rules for Exchange
Mailbox users
Mail-enabled users
More considerations
Summary
6. Group Management
Group scope and types
Active Directory
Group scope and type in MIM
Type
Scope
Member selection
Manual groups
Manager-based groups
Criteria-based groups
Modifying MPRs for group management
Managing groups in AD
Security and distribution groups
Synchronization rule
Installing client add-ins
Add-ins and extensions
Creating and managing distribution groups
Summary
7. Role-Based Access Control with BHOLD
Role-based access control
BHOLD role model objects
Organizational units
Users
Roles
Permissions
Applications
Other advanced features
Installation
BHOLD Core and other components
MIM/FIM Integration install
Patching
Access Management Connector
Creating the ODBC conn...

Frequently asked questions

Yes, you can access Microsoft Identity Manager 2016 Handbook by David Steadman, Jeff Ingalls in PDF and/or ePUB format, as well as other popular books in Computer Science & Computer Science General. We have over one million books available in our catalogue for you to explore.