James Cowling Senior Technical Architect

Presentation transcript:

ADAM
James Cowling, Senior Technical Architect

Agenda
- What is ADAM?
- Relevance to IAM
- Real-world Implementation Scenarios

What is ADAM?
- LDAP Directory
- Based on AD technology
- Simple and clean to install and uninstall
- Without AD's NOS and historical baggage
- Supports both
  - DC=Microsoft, DC=COM
  - O=Microsoft,C=US
- Integrates tightly with AD authentication
- Basically Free

Technical Matters of Interest
- Installation
  - Simple to install
  - Wizard or Unattended
  - Multiple installs per server
  - XP install limited to 10000 objects
- Password Policies
  - Complexity rules similar to AD
- Backup and Restore
  - EDB and LOG files

Replication
- Replication between ADAM instances on different computers using AD technology
- Flexible replication models possible

Administration
- Technical Administration via command-line tools
  - DSMGMT: Manage partitions, FSMO roles, policies, ports
  - REPADMIN: Troubleshoot Replication
  - DSDBUTIL: Manage and troubleshoot the database
  - DSACLS: Manage Access Control Lists

Identity Administration
- ADSIEdit and LDP supplied with ADAM
- Many other tools exist
  - Web-based
  - Explorer-integrated
  - Build or Buy
- Delegated Administration Permissions
  - Through ADAM ACLs in user context
  - Through 3rd Party tools in service account context

ADAM and IAM
- Centralized Identity Storage
- Flexible Authentication
- Centralized Identity Management
- Centralized Role Management

Identity Storage
- Users
- Groups
- Roles

Authentication
- Primary authentication method is LDAP simple bind
- Forwards Windows Integrated Authentication for unknown users, and
- Proxies LDAP binds for known users to AD and NT4 in same or trusted domains
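
The simple-bind routing on this slide, as a simplified Python model added here (not code from the presentation or from ADAM): the entry names, SID and passwords are constructed, the Windows domain is a stand-in dictionary, and Windows Integrated Authentication is not modelled. Refusing proxied binds without TLS mirrors ADAM's default of requiring SSL for bind redirection, since a simple bind carries the Windows password in clear text.

```python
import hashlib
import hmac


def _h(password):
    """Hash helper for the constructed sample credentials below."""
    return hashlib.sha256(password.encode()).hexdigest()


# Constructed sample data (hypothetical names, SID and passwords).
ADAM_ENTRIES = {
    # Account whose credential lives in ADAM itself.
    "cn=app1,ou=svc,o=example,c=us": {"class": "user", "pw_hash": _h("local-secret")},
    # Proxy object: holds only the SID of the real Windows account.
    "cn=alice,ou=people,o=example,c=us": {"class": "userProxy",
                                          "sid": "S-1-5-21-1-2-3-1104"},
}
# Stand-in for the AD / NT4 domains that hold the real credentials.
WINDOWS_ACCOUNTS = {"S-1-5-21-1-2-3-1104": _h("ad-secret")}


def route_simple_bind(dn, password, tls):
    """Return (decision, where_the_credential_was_checked) for a simple bind."""
    if not password:
        # A DN with an empty password is an unauthenticated bind; never
        # treat it as proof of identity.
        return ("deny", "empty-password")
    entry = ADAM_ENTRIES.get(dn.lower())
    if entry is None:
        return ("deny", "no-such-entry")
    if entry["class"] == "user":
        ok = hmac.compare_digest(entry["pw_hash"], _h(password))
        return ("allow" if ok else "deny", "adam-local")
    if entry["class"] == "userProxy":
        if not tls:
            # The Windows password would cross the wire unprotected.
            return ("deny", "proxy-bind-needs-tls")
        stored = WINDOWS_ACCOUNTS.get(entry["sid"], "")
        ok = hmac.compare_digest(stored, _h(password))
        return ("allow" if ok else "deny", "windows-domain")
    return ("deny", "unsupported-class")


if __name__ == "__main__":
    print(route_simple_bind("CN=alice,OU=people,O=example,C=US", "ad-secret", tls=True))
```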

Solutions
- Single Sign On
- HR-Driven Provisioning
- Centralized Web-based User Management

Single Sign-On
- Publishing Company
- 5000 Users
- Identities in AD and NT
- Require SSO for a WebSphere application

Solution
- Central ADAM User Directory
- Synchronize with AD and NT using MIIS
- ADAM proxies authentication requests
- Which are routed to AD and NT appropriately

HR-Driven Provisioning
- Large Retailer
- 65,000 users across multiple companies
- Growth partly through acquisition
- SAP systems
  - HR
  - Location / Facility Management
  - Portal
  - Workflow
- 34 AD Domains

Goals
- Improve Internal Communication
- Improve Efficiency
- White Pages solution
- Improve data quality
- Improve Efficiency
- Reduce human intervention during provisioning / deprovisioning
- Maintain control
- Approval workflows for account creation, assignment of portal roles
- Increase Security
- Identify and remove dormant accounts
- Increase confidence in security group memberships

Solution

Centralized User Admin
- Reinsurance company
- 5000 Users
- Offices around the world
- "Managed" Offices
  - Members of global domain
  - User management provided centrally
- "Unmanaged" Offices
  - Stand-alone domains
  - Local user management

Goals
- Provide global access to global applications
- True Single Sign On
- Minimize support costs
- Centralize Administration
- Reduced Sign On – Password Sync
- Improve Security
- Time-based deprovisioning

Solution
- Centralized Web-based User Management
  - ASP.NET application
- Identities in ADAM
  - Users, Contacts, Companies, incl. Inheritance
- MIIS-based provisioning to other systems
  - Active Directory
  - Oracle-based LOB systems
  - HP/UX-based LOB systems
- Password Synchronization
  - AD password is authoritative
  - Sync to ADAM & HP/UX

Implementation

Questions?
