Microsoft Identity Manager 2016 Handbook
eBook - ePub

David Steadman, Jeff Ingalls

  1. 692 pages
  2. English
  3. ePUB (mobile friendly)
  4. Available on iOS and Android
Book information

A complete handbook on Microsoft Identity Manager 2016 – from design considerations to operational best practices

About This Book

  • Get to grips with the basics of identity management and get acquainted with the MIM components and functionalities
  • Discover the newly-introduced product features and how they can help your organization
  • A step-by-step guide to enhance your foundational skills in using Microsoft Identity Manager from those who have taught and supported large and small enterprise customers

Who This Book Is For

If you are an architect or a developer who wants to deploy, manage, and operate Microsoft Identity Manager 2016, then this book is for you. This book will also help the technical decision makers who want to improve their knowledge of Microsoft Identity Manager 2016. A basic understanding of Microsoft-based infrastructure using Active Directory is expected. Identity management beginners and experts alike will be able to apply the examples and scenarios to solve real-world customer problems.

What You Will Learn

  • Install MIM components
  • Find out about the MIM synchronization, its configuration settings, and advantages
  • Get to grips with the MIM service capabilities and develop custom activities
  • Use the MIM Portal to provision and manage an account
  • Mitigate access escalation and lateral movement risks using privileged access management
  • Configure client certificate management and its detailed permission model
  • Troubleshoot MIM components by enabling logging and reviewing logs
  • Back up and restore the MIM 2015 configuration
  • Discover more about periodic purging and the coding best practices

In Detail

Microsoft Identity Manager 2016 is Microsoft's solution to identity management. When fully installed, the product utilizes SQL, SharePoint, IIS, web services, the .NET Framework, and SCSM to name a few, allowing it to be customized to meet nearly every business requirement.

The book is divided into 15 chapters and begins with an overview of the product, what it does, and what it does not do. To better understand the concepts in MIM, we introduce a fictitious company and their problems and goals, then build an identity solution to fit those goals. Over the course of this book, we cover topics such as MIM installation and configuration, user and group management options, self-service solutions, role-based access control, reducing security threats, and finally operational troubleshooting and best practices.

By the end of this book, you will have gained the necessary skills to deploy, manage and operate Microsoft Identity Manager 2016 to meet your business requirements and solve real-world customer problems.

Style and approach

The concepts in the book are explained and illustrated with the help of screenshots as much as possible. We strive for readability and provide you with step-by-step instructions on the installation, configuration, and operation of the product.

Throughout the book, you will be provided on-the-field knowledge that you won't get from whitepapers and help files.

Information

Year: 2016
ISBN: 9781785283925


Table of Contents

Microsoft Identity Manager 2016 Handbook
Credits
About the Authors
About the Reviewers
www.PacktPub.com
eBooks, discount offers, and more
Why subscribe?
Instant updates on new Packt books
Preface
The story in this book
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Downloading the color images of this book
Errata
Piracy
Questions
1. Overview of Microsoft Identity Manager 2016
The Financial Company
The challenges
Provisioning of users
The identity life cycle procedures
Highly privileged accounts (HPA)
Password management
Traceability
The environment
Moving forward
The history of Microsoft Identity 2016
Components at a glance
MIM Synchronization Service
MIM Portal and Service
MIM Certificate Management
Role-Based Access Control (RBAC) with BHOLD
MIM Reporting
Privilege Access Management
Licensing
Summary
2. Installation
Capacity planning
Separating roles
Databases
MIM features
Hardware
Installation order
Prerequisites
Databases
Collation and languages
SQL aliases
SQL
SCSM
Web servers
MIM Portal
MIM password reset
MIM Certificate Management
MIM Service accounts and groups
The Kerberos configuration
SETSPN
Delegation
Installation
The MIM Synchronization service
The System Center Service Manager console
SharePoint Foundation
The MIM service and the MIM portal
The MIM Password Reset portal
MIM certificate management
SCSM management
SCSM Data Warehouse
Post-installation configuration
Granting the MIM service access to MIM Sync
Securing the MIM Service mailbox
Disabling indexing in SharePoint
Redirecting to IdentityManagement
Enforcing Kerberos
Editing binding in IIS for MIM Password sites
Registering the SCSM manager in data warehouse
MIM post-install scripts for data warehouse
Summary
3. MIM Sync Configuration
MIM Synchronization interface
Creating Management Agents
Active Directory
Least-privileged approach
Directory replication
Password reset
Creating AD MA
HR (SQL Server)
Creating an SQL MA
Creating a rules extension
The Metaverse rules extension
Indexing Metaverse attributes
Creating run profiles
Single or multi step
Schema management
MIM Sync versus MIM Service schema
Object deletion in MV
Initial load versus scheduled runs
Maintenance mode for production
Disabling maintenance mode
Summary
4. MIM Service Configuration
MIM Service request processing
The management policy
Service partitions
Included authentication, authorization, and action activities
Authentication activities
Authorization activities
Action activities
The MIM Service Management Agent
The MIM Service MA
Creating the FIM Service MA
The MIM MA filtering accounts
Understanding the portal and UI
Portal configuration
The navigation bar resource
Search scopes
Filter permissions
Resource Control Display Configurations
Custom activities development
Summary
5. User Management
Additional sync engine information
Portal MPRs for user management
Configuring sets for user management
Inbound synchronization rules
Outbound synchronization rules
Outbound Synchronization Policy
Outbound System Scoping Filter
Detected Rule Entry
Provisioning
Non-declarative provisioning
Managing users in a phone system
Managing users in Active Directory
The userAccountControl attribute
Provisioning users to Active Directory
Synchronization rule
Creating the set
Setting up the workflow
Creating the MPR
Inbound synchronization from AD
Temporal sets
Self-service using MIM Portal
Managers can see direct reports
Allowing users to manage their own attributes
Managing Exchange
Exchange 2007
Exchange 2010 and later
Synchronization rules for Exchange
Mailbox users
Mail-enabled users
More considerations
Summary
6. Group Management
Group scope and types
Active Directory
Group scope and type in MIM
Type
Scope
Member selection
Manual groups
Manager-based groups
Criteria-based groups
Modifying MPRs for group management
Managing groups in AD
Security and distribution groups
Synchronization rule
Installing client add-ins
Add-ins and extensions
Creating and managing distribution groups
Summary
7. Role-Based Access Control with BHOLD
Role-based access control
BHOLD role model objects
Organizational units
Users
Roles
Permissions
Applications
Other advanced features
Installation
BHOLD Core and other components
MIM/FIM Integration install
Patching
Access Management Connector
Creating the ODBC conn...