Presentation is loading. Please wait.

Presentation is loading. Please wait.

Introduction to Identity Management with MIIS 2003 Steve Plank Architectural Engineer Session code.

Published byWinifred Barrett Modified over 9 years ago

Similar presentations

Presentation on theme: "Introduction to Identity Management with MIIS 2003 Steve Plank Architectural Engineer Session code."— Presentation transcript:

1 Introduction to Identity Management with MIIS 2003 Steve Plank Architectural Engineer Session code

2 Agenda MIIS Scenarios How MIIS works MIIS Futures

3 Hire Scenario HRSystem MIIS Notes ContractorSystem AD App Mode SQLServer iPlanetDirectory ActiveDirectory LotusNotes File LDAP SQL LDAP

4 Fire Scenario HRSystem MIIS Notes ContractorSystem AD App Mode SQLServer iPlanetDirectory ActiveDirectory LotusNotes File LDAP SQL LDAP

5 Identity Joining Scenario HRSystem MIIS iPlanetDirectory ActiveDirectory LotusNotes givenName sn title mail employeeID telephone Klarek Cenntt 008 givenName sn title mail employeeID telephone givenName sn title mail employeeID telephone Clark Kennttt 007 givenName sn title mail employeeID telephone Klarke Kent Superhero 007 867-5309 Clark Kent 007 Reporter Clark@contoso.com 867-5309 Clark Kent Reporter Clark@contoso.com 007 Project to Metaverse givenName sn title mail employeeID telephone Clark Kent 007 Join on employeeID JOINED PROJECTED 007 Join on employeeID JOINED Join on employeeID JOINED Manual Join

6 Attribute Flow Scenario HRSystem MIIS iPlanetDirectory ActiveDirectory LotusNotes FirstName LastName EmployeeID Title E-Mail Telephone givenName sn title mail employeeID telephone Klarek Cenntt 008 givenName sn title mail employeeID telephone givenName sn title mail employeeID telephone Clark Kennttt 007 givenName sn title mail employeeID telephone Klarke Kent Superhero 007 givenName sn title mail employeeID telephone 867-5309 Clark Kent 007 Reporter Clark@contoso.com 867-5309 Clark Kent Reporter Clark@contoso.com 007 Identity Data Aggregation givenName sn title mail employeeID telephone 007 Clark Kent 007 Reporter 867-5309

7 Attribute Flow Scenario HRSystem MIIS iPlanetDirectory ActiveDirectory LotusNotes FirstName LastName EmployeeID Title E-Mail Telephone givenName sn title mail employeeID telephone Klarek Cenntt 007 givenName sn title mail employeeID telephone givenName sn title mail employeeID telephone Clark Kennttt 007 givenName sn title mail employeeID telephone Klarke Kent Superhero 007 givenName sn title mail employeeID telephone867-5309 Clark Kent 007 Reporter 867-5309 Clark Kent Reporter Clark@contoso.com 007 Clark@contoso.com Clark Kent Reporter Clark@contoso.com 867-5309 Reporter Clark@contoso.com 867-5309 Clark Kent Clark@contoso.com Clark Reporter 867-5309 Identity Data Brokering (Convergence)

8 Attribute Flow Scenario HRSystem MIIS iPlanetDirectory ActiveDirectory LotusNotes FirstName LastName EmployeeID Title E-Mail Telephone givenName sn title mail employeeID telephone 007 givenName sn title mail employeeID telephone givenName sn title mail employeeID telephone Clark 007 givenName sn title mail employeeID telephone Kent 007 givenName sn title mail employeeID telephone867-5309 Clark Kent 007 867-5309 Clark Kent Reporter Clark@contoso.com 007 Clark@contoso.com Kent Reporter 867-5309 Reporter Clark@contoso.com 867-5309 Clark Kent Clark@contoso.com Clark Reporter 867-5309 Identity Data Integrity Enforcement 007 Superhero ReporterSuperhero

9 Identity Data Integrity Enforcement HRSystem MIIS iPlanetDirectory LotusNotes ActiveDirectory FirstName LastName EmployeeID Title E-Mail Telephone givenName sn title mail employeeID telephone 007 givenName sn title mail employeeID telephone givenName sn title mail employeeID telephone Clark 007 givenName sn title mail employeeID telephone Kent 007 givenName sn title mail employeeID telephone867-5309 Clark Kent 007 867-5309 Clark Kent Reporter Clark@contoso.com 007 Clark@contoso.com Kent Publisher 867-5309 Publisher Clark@contoso.com 867-5309 Clark Kent Clark@contoso.com Clark Reporter 867-5309 Identity Data Integrity Enforcement 007 Reporter SuperheroReporter

10 MIIS in action… Demo

11 Agenda MIIS Scenarios How MIIS works MIIS Futures

12 ConnectorSpace Management Agent (MA) ConnectedDirectories Terminology Metaverse i/f“filters”schemafiltersrules i/f“filters”schemafiltersrules i/f“filters”schemafiltersrules StagingProjectionProvisioningExportJoin Import/Export Run ProfileSync Run Profile

13 ConnectorSpace Management Agent (MA) ConnectedDirectories Terminology Metaverse i/f“filters”schema i/f“filters”schemafiltersrules i/f“filters”schema Rules Extension Import Attribute FlowExport Attribute Flow filtersrules filtersrules

14 MIIS – Metadirectory Functionality and Connectivity Identity Data LDAPSQL Wide range of connectivity Active Directory & ADAM Sun/iPlanet Directory IBM DS Novell eDirectory Microsoft SQL 2000 & SQL 7 Oracle 9i/8i IBM DB2 Lotus Notes 5.x/6.x Microsoft Exchange 5.5, 2K, 2K3 Microsoft NT 4.x RACF DSML, LDIF, CSV, fixed width …others to follow MA SDK allows ISVs and corporate developers to build custom MAs NOS LOB Apps

15 Synchronizing Identity Stores - The Management Agent SDK Easy to use SDK to build Management Agents.Net hosted set of interfaces Address IT Pro and ISV audiences IT Pro Fast MA development using template Simple to configure by reusing “Extensible MA UI” ISVs Allow customizing MA configuration UI and provide customized look and feel Enable packaging and redistribution of management agents Enable Identity Manager-integrated development of MA configuration UI Supports password synchronization

16 Password Synchronization: Password Change Notification Password Filter The password filter is extremely lightweight to minimize any impact on the DC Filter receives the change notifications and securely communicates passwords to the service Password Notification Service Service encrypts and queues the password notification to be delivered to the registered targets (MIIS or HIS) Notifications are transmitted via secure RPC to target Queuing and retry mechanism guards against lost passwords due to connectivity issues PCNS and MIIS mutually authenticate to prevent spoofing Active Directory Domain Controller LSA Process Password Filter Password Notification Service Identity Integration Server

17 Password Synchronization: Identity Integration Server MIIS receives notifications from PCNS and locates matching object for user’s Active Directory account MIIS leverages metadirectory “join” relationship to locate correct accounts in the target systems MIIS maintains queue for each target system to optimize delivery and handle systems that are less reliable Passwords can be synchronized to any system managed by MIIS management agents. Password Extensions allow synchronizing passwords to custom applications and directories Identity Integration Server PCNS Connected Directories Connector Space Queue Metaverse

18 Visualization Different hierarchies suit different needs Multiple hierarchical representations can be discovered from data Polyarchy eliminates the requirement for fixed hierarchy Polyarchy provides multiple hierarchical views and richer visualization of infrastructure information

19 MIIS Scenarios How MIIS works MIIS Futures Agenda

20 MIIS Roadmap Lowering the cost and risks of Identity Management Extending MA Reach and password capabilities MIIS - Gemini MIIS 2003 SP1 Q4/CY04 Codeless provisioning Entitlement reporting Self-service platform Password reset additional MAs Additional MAs MA SDK Password Extensions Password synchronization from Windows desktop Providing tools for provisioning MIIS 2003 SP1 ResKit - Q4/CY04 Code generator Workflow

21 1. Codeless provisioning 2. Richer logging/auditing 3. Self-service platform 4. Workflow for provisioning and self-service 5. Password self-service reset 6. Cluster support 7. Computed attributes (dynamic groups) 8. Cross-forest group management 9. Entitlement reporting 10. Capacity planning documentation 11. Scalability improvements 12. UNIX / OpenLDAP / Generic LDAP MA

22 Review MIIS Scenarios How MIIS works MIIS Futures

23

Download ppt "Introduction to Identity Management with MIIS 2003 Steve Plank Architectural Engineer Session code."

Similar presentations

Agenda 2 factor authentication Smart cards Virtual smart cards FIM CM

Agenda 2 factor authentication Smart cards Virtual smart cards FIM CM
© 2010 Quest Software, Inc. ALL RIGHTS RESERVED Quests solutions for Windows Management Lee Elliott & Jonathan Culver – Technical Account Managers Windows.

© 2010 Quest Software, Inc. ALL RIGHTS RESERVED Quests solutions for Windows Management Lee Elliott & Jonathan Culver – Technical Account Managers Windows.
DIGIDOC A web based tool to Manage Documents. System Overview DigiDoc is a web-based customizable, integrated solution for Business Process Management.

DIGIDOC A web based tool to Manage Documents. System Overview DigiDoc is a web-based customizable, integrated solution for Business Process Management.
Welcome to Middleware Joseph Amrithraj

Welcome to Middleware Joseph Amrithraj
Designing, Deploying and Managing Workflow in SharePoint Sites Steve Heaney Product Development Manager OBS

Designing, Deploying and Managing Workflow in SharePoint Sites Steve Heaney Product Development Manager OBS
Quality in Identity and Access Management Systems IDM: Overview Michele Brass, PMP PMI Westchester Chapter Program Manager – Collaboration Tools.

Quality in Identity and Access Management Systems IDM: Overview Michele Brass, PMP PMI Westchester Chapter Program Manager – Collaboration Tools.
IBM Software Group ® Accessing Domino via Outlook iNotes Access for Microsoft Outlook - Notes Domino 5.5 – 6.0.1 Domino Access for MS Outlook - Notes Domino.

IBM Software Group ® Accessing Domino via Outlook iNotes Access for Microsoft Outlook - Notes Domino 5.5 – Domino Access for MS Outlook - Notes Domino.
Active Directory: Final Solution to Enterprise System Integration

Active Directory: Final Solution to Enterprise System Integration
Identity Management with Microsoft Identity Integration Server.

Identity Management with Microsoft Identity Integration Server.
Project Server “12”: Developing Project Management Solutions Phil Smail OFF311 Program Manager Microsoft Project Business Unit.

Project Server “12”: Developing Project Management Solutions Phil Smail OFF311 Program Manager Microsoft Project Business Unit.
Identity and Access Management: Strategy and Solution Sandeep Sinha Lead Product Manager Windows Server Product Management Redmond,

Identity and Access Management: Strategy and Solution Sandeep Sinha Lead Product Manager Windows Server Product Management Redmond,
Identity and Access Management

Identity and Access Management
Access and Identity Management for Enterprise Portals Rohit Gupta Director, Identity Management Product Management Oracle Corporation.

Access and Identity Management for Enterprise Portals Rohit Gupta Director, Identity Management Product Management Oracle Corporation.
Microsoft Identity Integration Server 2003 (MIIS) Kim Mikkelsen Senior Technology Specialist Microsoft.

Microsoft Identity Integration Server 2003 (MIIS) Kim Mikkelsen Senior Technology Specialist Microsoft.
Session Objectives And Takeaways Identify the role of Service Manager in the System Center suite Service Manager - Integrating People, Process and Technology.

Session Objectives And Takeaways Identify the role of Service Manager in the System Center suite Service Manager - Integrating People, Process and Technology.
Understanding Active Directory

Understanding Active Directory
#CONVERGE2014 Session 1304 Managing Telecom Directories in a Distributed or Multi-Vendor Environment David Raanan Starfish Associates.

#CONVERGE2014 Session 1304 Managing Telecom Directories in a Distributed or Multi-Vendor Environment David Raanan Starfish Associates.
Enterprise Reporting with Reporting Services SQL Server 2005 Donald Farmer Group Program Manager Microsoft Corporation.

Enterprise Reporting with Reporting Services SQL Server 2005 Donald Farmer Group Program Manager Microsoft Corporation.
Microsoft Identity and Access Solutions Market Trends and Futures

Microsoft Identity and Access Solutions Market Trends and Futures
Empower Enterprise Mobility Jasbir Gill Azure Mobility.

Empower Enterprise Mobility Jasbir Gill Azure Mobility.

Similar presentations

Ads by Google