Ing. Ondřej Ševeček | GOPAS a.s. | MCM: Directory Services | MVP: Enterprise Security

Presentation transcript:


Forefront Identity Manager 2010

Forefront Identity Manager  Identity Management  syncing AD/LDS/SQL/etc. database contents  indentity centered  Automatic group management  attribute values  manager  user self service  Web portal user/group management  SharePoint based  Self service password reset  web based and GUI extension

Identity?  User  Group  table, cabinet, pc, car,...

History  Identity Integration Server 2003 (MIIS 2003)  Identity Lifecycle Manager 2007 (ILM 2007)  MIIS CLM 2007  Forefront Identity Manager 2010 (FIM 2010)  Forefront Idnetity Manager 2010 R2

Price?  5000 USD per CPU socket  80 USD per managed identity

Forefront Identity Manager  FIM Synchronization service  syncing AD/LDS/SQL/etc. database contents  indentity centered  FIM Service  attribute values  manager  user self service  FIM Portal  SharePoint based  Self service password registration and reset  web based and GUI extension

Forefront Identity Manager 2010

FIM Synchronization
[Diagram: FIM Sync with its Metaverse; management agents AD MA, ADLDS MA, SQL MA, DB MA; connected systems AD, AD LDS, SQL, DB]

FIM Service and Portal Idea
[Diagram: FIM Sync with its Metaverse; management agents AD MA, ADLDS MA, SQL MA; connected systems AD, AD LDS, SQL; FIM Service; SharePoint Portal]

FIM Service Management
[Diagram: FIM Sync with its Metaverse; management agents FIM MA, AD MA, ADLDS MA, SQL MA; connected systems AD, AD LDS, SQL; FIM Service with FIM SVC DB]

FIM Portal
[Diagram: FIM Sync with its Metaverse; management agents FIM MA, AD MA, ADLDS MA, SQL MA; connected systems AD, AD LDS, SQL; FIM Service with FIM SVC DB; SharePoint Portal]

Forefront Identity Manager 2010

AD Object Management  Manual group membership  scripting  Permission based delegation  OU hierarchy  using “static” groups  no attribute validation

AD Object Management Example
- Prague managers can reset passwords for OU=Prague
- Sales manager can change the department of all users in OU=Sales and OU=Marketing
- Sales manager can change group membership of the Sales IS group
- Users cannot reset their own passwords anonymously

FIM Management  Dynamic group membership  attribute query based  manager based  Policy based delegation  group membership  attribute value based  attribute validation

FIM Management Examples  Sales manager can change department to all users in OU=Sales and OU=Marketing  but only from Marketing to Sales  Users can reset their own passwords anonymously  after providing answers to several questions

FIM Management Examples  CZ Users can change their own telephone  but the format must be  CZ Users can change their own city  but the result must still be CZ User  School director can change department of his students  but the students must remain in the same school  Sales manager can change group members of Sales IS group  but can add only his own users

FIM Management Examples  We have Sales Management group which contains several sales managers  Every sales user is assigned one of the sales managers  We can create a group that would contain all Sales people  group whos members are those people, whos manager is member of the Sales Management group
