Microsoft Identity Manager 2016 Handbook
eBook - ePub

David Steadman, Jeff Ingalls

  1. 692 pages
  2. English
  3. ePUB (mobile-friendly)
  4. Available on iOS and Android

About this book

A complete handbook on Microsoft Identity Manager 2016 – from design considerations to operational best practices

About This Book

  • Get to grips with the basics of identity management and get acquainted with the MIM components and functionalities
  • Discover the newly-introduced product features and how they can help your organization
  • A step-by-step guide to enhance your foundational skills in using Microsoft Identity Manager from those who have taught and supported large and small enterprise customers

Who This Book Is For

If you are an architect or a developer who wants to deploy, manage, and operate Microsoft Identity Manager 2016, then this book is for you. This book will also help the technical decision makers who want to improve their knowledge of Microsoft Identity Manager 2016. A basic understanding of Microsoft-based infrastructure using Active Directory is expected. Identity management beginners and experts alike will be able to apply the examples and scenarios to solve real-world customer problems.

What You Will Learn

  • Install MIM components
  • Find out about the MIM synchronization, its configuration settings, and advantages
  • Get to grips with the MIM service capabilities and develop custom activities
  • Use the MIM Portal to provision and manage an account
  • Mitigate access escalation and lateral movement risks using privileged access management
  • Configure client certificate management and its detailed permission model
  • Troubleshoot MIM components by enabling logging and reviewing logs
  • Back up and restore the MIM 2015 configuration
  • Discover more about periodic purging and the coding best practices

In Detail

Microsoft Identity Manager 2016 is Microsoft's solution to identity management. When fully installed, the product utilizes SQL, SharePoint, IIS, web services, the .NET Framework, and SCSM to name a few, allowing it to be customized to meet nearly every business requirement.

The book is divided into 15 chapters and begins with an overview of the product, what it does, and what it does not do. To better understand the concepts in MIM, we introduce a fictitious company and their problems and goals, then build an identity solution to fit those goals. Over the course of this book, we cover topics such as MIM installation and configuration, user and group management options, self-service solutions, role-based access control, reducing security threats, and finally operational troubleshooting and best practices.

By the end of this book, you will have gained the necessary skills to deploy, manage and operate Microsoft Identity Manager 2016 to meet your business requirements and solve real-world customer problems.

Style and approach

The concepts in the book are explained and illustrated with the help of screenshots as much as possible. We strive for readability and provide you with step-by-step instructions on the installation, configuration, and operation of the product.

Throughout the book, you will be provided with on-the-field knowledge that you won't get from whitepapers and help files.


Table of Contents

Microsoft Identity Manager 2016 Handbook
Credits
About the Authors
About the Reviewers
www.PacktPub.com
eBooks, discount offers, and more
Why subscribe?
Instant updates on new Packt books
Preface
The story in this book
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Downloading the color images of this book
Errata
Piracy
Questions
1. Overview of Microsoft Identity Manager 2016
The Financial Company
The challenges
Provisioning of users
The identity life cycle procedures
Highly privileged accounts (HPA)
Password management
Traceability
The environment
Moving forward
The history of Microsoft Identity 2016
Components at a glance
MIM Synchronization Service
MIM Portal and Service
MIM Certificate Management
Role-Based Access Control (RBAC) with BHOLD
MIM Reporting
Privilege Access Management
Licensing
Summary
2. Installation
Capacity planning
Separating roles
Databases
MIM features
Hardware
Installation order
Prerequisites
Databases
Collation and languages
SQL aliases
SQL
SCSM
Web servers
MIM Portal
MIM password reset
MIM Certificate Management
MIM Service accounts and groups
The Kerberos configuration
SETSPN
Delegation
Installation
The MIM Synchronization service
The System Center Service Manager console
SharePoint Foundation
The MIM service and the MIM portal
The MIM Password Reset portal
MIM certificate management
SCSM management
SCSM Data Warehouse
Post-installation configuration
Granting the MIM service access to MIM Sync
Securing the MIM Service mailbox
Disabling indexing in SharePoint
Redirecting to IdentityManagement
Enforcing Kerberos
Editing binding in IIS for MIM Password sites
Registering the SCSM manager in data warehouse
MIM post-install scripts for data warehouse
Summary
3. MIM Sync Configuration
MIM Synchronization interface
Creating Management Agents
Active Directory
Least-privileged approach
Directory replication
Password reset
Creating AD MA
HR (SQL Server)
Creating an SQL MA
Creating a rules extension
The Metaverse rules extension
Indexing Metaverse attributes
Creating run profiles
Single or multi step
Schema management
MIM Sync versus MIM Service schema
Object deletion in MV
Initial load versus scheduled runs
Maintenance mode for production
Disabling maintenance mode
Summary
4. MIM Service Configuration
MIM Service request processing
The management policy
Service partitions
Included authentication, authorization, and action activities
Authentication activities
Authorization activities
Action activities
The MIM Service Management Agent
The MIM Service MA
Creating the FIM Service MA
The MIM MA filtering accounts
Understanding the portal and UI
Portal configuration
The navigation bar resource
Search scopes
Filter permissions
Resource Control Display Configurations
Custom activities development
Summary
5. User Management
Additional sync engine information
Portal MPRs for user management
Configuring sets for user management
Inbound synchronization rules
Outbound synchronization rules
Outbound Synchronization Policy
Outbound System Scoping Filter
Detected Rule Entry
Provisioning
Non-declarative provisioning
Managing users in a phone system
Managing users in Active Directory
The userAccountControl attribute
Provisioning users to Active Directory
Synchronization rule
Creating the set
Setting up the workflow
Creating the MPR
Inbound synchronization from AD
Temporal sets
Self-service using MIM Portal
Managers can see direct reports
Allowing users to manage their own attributes
Managing Exchange
Exchange 2007
Exchange 2010 and later
Synchronization rules for Exchange
Mailbox users
Mail-enabled users
More considerations
Summary
6. Group Management
Group scope and types
Active Directory
Group scope and type in MIM
Type
Scope
Member selection
Manual groups
Manager-based groups
Criteria-based groups
Modifying MPRs for group management
Managing groups in AD
Security and distribution groups
Synchronization rule
Installing client add-ins
Add-ins and extensions
Creating and managing distribution groups
Summary
7. Role-Based Access Control with BHOLD
Role-based access control
BHOLD role model objects
Organizational units
Users
Roles
Permissions
Applications
Other advanced features
Installation
BHOLD Core and other components
MIM/FIM Integration install
Patching
Access Management Connector
Creating the ODBC conn...
