Presentation is loading. Please wait.

Presentation is loading. Please wait.

Ing. Ondřej Ševeček | GOPAS a.s. | MCM: Directory Services | MVP: Enterprise Security | | |

Published byMaliyah Covell Modified over 10 years ago

Similar presentations

Presentation on theme: "Ing. Ondřej Ševeček | GOPAS a.s. | MCM: Directory Services | MVP: Enterprise Security | | |"— Presentation transcript:

1 Ing. Ondřej Ševeček | GOPAS a.s. | MCM: Directory Services | MVP: Enterprise Security | ondrej@sevecek.com | www.sevecek.com |

2 Forefront Identity Manager 2010

3 Forefront Identity Manager  Identity Management  syncing AD/LDS/SQL/etc. database contents  indentity centered  Automatic group management  attribute values  manager  user self service  Web portal user/group management  SharePoint based  Self service password reset  web based and GUI extension

4 Identity?  User  Group  table, cabinet, pc, car,...

5 History  Identity Integration Server 2003 (MIIS 2003)  Identity Lifecycle Manager 2007 (ILM 2007)  MIIS 2003 + CLM 2007  Forefront Identity Manager 2010 (FIM 2010)  Forefront Idnetity Manager 2010 R2

6 Price?  5000 USD per CPU socket  80 USD per managed identity

7 Forefront Identity Manager  FIM Synchronization service  syncing AD/LDS/SQL/etc. database contents  indentity centered  FIM Service  attribute values  manager  user self service  FIM Portal  SharePoint based  Self service password registration and reset  web based and GUI extension

8 Forefront Identity Manager 2010

9 FIM Synchronization FIM Sync AD AD MA AD AD MA AD LDS SQL DB ADLDS MA SQL MADB MA Metaverse

10 FIM Service and Portal Idea FIM Sync AD AD MA AD LDS SQL ADLDS MA SQL MA Metaverse FIM Service SharePoint Portal

11 FIM Service Management FIM Sync FIM SVC DB FIM MA AD AD MA AD LDS SQL ADLDS MA SQL MA Metaverse FIM Service

12 FIM Portal FIM Sync FIM SVC DB FIM MA AD AD MA AD LDS SQL ADLDS MA SQL MA Metaverse FIM Service SharePoint Portal

13 Forefront Identity Manager 2010

14 AD Object Management  Manual group membership  scripting  Permission based delegation  OU hierarchy  using “static” groups  no attribute validation

15 AD Object Management Example  Prague managers can reset passwords for OU=Prague  Sales manager can change department to all users in OU=Sales and OU=Marketing  Sales manager can change group membership of Sales IS group  Users cannot reset their own passwords anonymously

16 FIM Management  Dynamic group membership  attribute query based  manager based  Policy based delegation  group membership  attribute value based  attribute validation

17 FIM Management Examples  Sales manager can change department to all users in OU=Sales and OU=Marketing  but only from Marketing to Sales  Users can reset their own passwords anonymously  after providing answers to several questions

18 FIM Management Examples  CZ Users can change their own telephone  but the format must be +420...  CZ Users can change their own city  but the result must still be CZ User  School director can change department of his students  but the students must remain in the same school  Sales manager can change group members of Sales IS group  but can add only his own users

19 FIM Management Examples  We have Sales Management group which contains several sales managers  Every sales user is assigned one of the sales managers  We can create a group that would contain all Sales people  group whos members are those people, whos manager is member of the Sales Management group

20 Ing. Ondřej Ševeček | GOPAS a.s. | MCM: Directory Services | MVP: Enterprise Security | ondrej@sevecek.com | www.sevecek.com |

Download ppt "Ing. Ondřej Ševeček | GOPAS a.s. | MCM: Directory Services | MVP: Enterprise Security | | |"

Similar presentations

ADManager Plus Simplify Your Active Directory Management.

ADManager Plus Simplify Your Active Directory Management.
FIM Best Practices - Architecting Identity Solutions that really work!

FIM Best Practices - Architecting Identity Solutions that really work!
Forefront Identity Manager 2010

Forefront Identity Manager 2010
Agenda 2 factor authentication Smart cards Virtual smart cards FIM CM

Agenda 2 factor authentication Smart cards Virtual smart cards FIM CM
Agenda AD to Windows Azure AD Sync Options Federation Architecture

Agenda AD to Windows Azure AD Sync Options Federation Architecture
Core identity scenarios Federation and synchronization 2 3 Identity management overview 1 Additional features 4.

Core identity scenarios Federation and synchronization 2 3 Identity management overview 1 Additional features 4.
Whether you like it or not! Importance increases significantly with SharePoint 2013 Pretty much every investment area relies on Profiles for core.

Whether you like it or not! Importance increases significantly with SharePoint 2013 Pretty much every investment area relies on Profiles for core.
Microsoft Forefront Identity Manager 2010

Microsoft Forefront Identity Manager 2010
Microsoft Forefront Identity Manager 2010 Daniel MEYER Enterprise Technology Architect EMEA.

Microsoft Forefront Identity Manager 2010 Daniel MEYER Enterprise Technology Architect EMEA.
Ing. Ondřej Ševeček | GOPAS a.s. | MCM: Directory Services | MVP: Enterprise Security | CEH | | |

Ing. Ondřej Ševeček | GOPAS a.s. | MCM: Directory Services | MVP: Enterprise Security | CEH | | |
Making Entitlements in AD Understandable to the Business Rob de Jong Program Manager Microsoft Corporation SIA314.

Making Entitlements in AD Understandable to the Business Rob de Jong Program Manager Microsoft Corporation SIA314.
SharePoint 2010 Permissions Keith Tuomi. profile KEITH TUOMI SharePoint Consultant / Developer at itgroove Developing Online Systems since 1991 10 years.

SharePoint 2010 Permissions Keith Tuomi. profile KEITH TUOMI SharePoint Consultant / Developer at itgroove Developing Online Systems since years.
Virtual techdays INDIA │ 18-20 august 2010 Managing Active Directory Using Microsoft Forefront Identity Manager: Amol R Bhandarkar │ Tech Specialist –

Virtual techdays INDIA │ august 2010 Managing Active Directory Using Microsoft Forefront Identity Manager: Amol R Bhandarkar │ Tech Specialist –
02 | Managing Users, Groups, and Licenses Anthony Steven | Principal Technologist, Content Master Martin Coetzer | Portfolio Architect, Microsoft.

02 | Managing Users, Groups, and Licenses Anthony Steven | Principal Technologist, Content Master Martin Coetzer | Portfolio Architect, Microsoft.
Identity management integration options for Office 365

Identity management integration options for Office 365
Kerberos Underworld Ondrej Sevecek | MCM: Directory | MVP: Security |

Kerberos Underworld Ondrej Sevecek | MCM: Directory | MVP: Security |
Understanding Active Directory

Understanding Active Directory
Ing. Ondřej Ševeček | GOPAS a.s. | MCM: Directory Services | MVP: Enterprise Security | | |

Ing. Ondřej Ševeček | GOPAS a.s. | MCM: Directory Services | MVP: Enterprise Security | | |
Carol Wapshere MVP Senior Consultant LANexpert SA.

Carol Wapshere MVP Senior Consultant LANexpert SA.
Microsoft Identity and Access Solutions Market Trends and Futures

Microsoft Identity and Access Solutions Market Trends and Futures

Similar presentations

Ads by Google