Making Entitlements in AD Understandable to the Business Rob de Jong Program Manager Microsoft Corporation SIA314.

Presentation transcript:


Roles have members
- Users that are automatically linked through Orgunit memberships or attribute values
- Manually linked through Self Service Requests
- Directly linked by the Administrator

Roles have content
- Active Directory groups, modeled as Permissions
- Access rights in other applications, modeled as Permissions
- Other Roles

Roles can be inherited throughout the Orgunit structure
When a User gets a Role, the contents of the Role are linked to the User
This triggers provisioning instructions through FIM2010 into the target applications

Roles group Access Rights – AD Groups, other apps
Roles are created…
- Automatically, based on HR data
- Manually
Roles are linked to Users…
- Automatically, based on HR data
- Manually, through…
  - Self Service Request and Approval
  - Direct link in BHOLD Portal
Roles trigger provisioning to targets – AD, other apps

- New Employee data coming from HR flows into BHOLD through FIM2010
- BHOLD automatically links the new employee to Roles based on HR information – Department, Job Title,…
- BHOLD calculates group memberships based on roles
- Group memberships are provisioned into AD through FIM2010
- Changes in Employee data automatically trigger recalculation of group memberships in BHOLD
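An added example, not part of the original slides and not BHOLD's data model or API: a small Python model of the calculation described above, where roles come from orgunit inheritance, HR attributes and manual links, nested roles expand into AD groups, and the result is compared with what AD currently holds. All role, group and orgunit names are constructed, and downward inheritance through the orgunit tree is an assumption.

```python
# Added illustration: a toy model of the role resolution the slides describe.
# All names and sample data are constructed; this is not BHOLD's data model or API.
ORGUNIT_PARENT = {"Corp": None, "Finance": "Corp", "Payroll": "Finance"}

# Assumption: roles attached to an orgunit are inherited by every orgunit below it.
ORGUNIT_ROLES = {"Corp": {"Employee"}, "Finance": {"FinanceStaff"}}

# Attribute roles: (attribute, value) -> role, driven by HR data.
ATTRIBUTE_ROLES = {("job_title", "Payroll Clerk"): "PayrollOperator"}

# Role content: AD groups (permissions) and nested roles.
ROLE_CONTENT = {
    "Employee": {"groups": {"GG-Intranet"}, "roles": set()},
    "FinanceStaff": {"groups": {"GG-Finance-Share"}, "roles": {"LedgerReader"}},
    "LedgerReader": {"groups": {"GG-Ledger-RO"}, "roles": {"FinanceStaff"}},  # cycle on purpose
    "PayrollOperator": {"groups": {"GG-Payroll-RW"}, "roles": set()},
}

def roles_for(user, manual_roles=()):
    """Roles from orgunit inheritance, HR attributes, and manual/self-service links."""
    roles, ou = set(manual_roles), user["orgunit"]
    while ou is not None:                      # walk up the orgunit tree
        roles |= ORGUNIT_ROLES.get(ou, set())
        ou = ORGUNIT_PARENT[ou]
    for (attr, value), role in ATTRIBUTE_ROLES.items():
        if user.get(attr) == value:
            roles.add(role)
    return roles

def effective_groups(roles):
    """Expand nested roles into AD groups; 'seen' guards against role cycles."""
    groups, seen, stack = set(), set(), list(roles)
    while stack:
        role = stack.pop()
        if role in seen:
            continue
        seen.add(role)
        groups |= ROLE_CONTENT[role]["groups"]
        stack.extend(ROLE_CONTENT[role]["roles"])
    return groups

def provisioning_delta(user, actual_groups, manual_roles=()):
    """Compare calculated memberships with what AD holds; return (add, remove)."""
    wanted = effective_groups(roles_for(user, manual_roles))
    return sorted(wanted - actual_groups), sorted(actual_groups - wanted)

# Constructed sample: an employee who moved from Payroll to Finance in HR.
alice = {"name": "alice", "orgunit": "Finance", "job_title": "Analyst"}
in_ad = {"GG-Intranet", "GG-Payroll-RW"}
```

Calling `provisioning_delta(alice, in_ad)` returns the groups to add and the stale payroll group to remove, which is the kind of leftover access a recalculation after an HR change is meant to catch.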

[Diagram: BHOLD components and data flow; FIM components and data flow. Components: Source HR, Active Directory, FIM Sync Svc (CS, MV, MV Extn), HR MA, AD MA, BHOLD MA, BHOLD (RBAC). Data flow labels: Employees and HR OU’s; Groups and Accounts; Employees, OU’s, Accounts & Groups; Group Memberships.]

[Diagram: BHOLD Model Generator. Labels: Active Directory; HR System; Excel or .CSV files; AD Accounts, Groups and Group Memberships; Employee, Manager and Orgunit Info; Membership Roles; Attribute Roles; Optional Roles; Personal Roles; Role Mining.]

[Diagram: BHOLD components and responsible data flow; FIM components and data flow. Components: Source HR, Active Directory, FIM Sync Svc (CS, MV, MV Extn, Object set), MA, BHOLD MA, BHOLD, BHOLD Attestation Website Server, BHOLD Attestation Service. Data labels: Users, OU’s, Accounts, Prov.]

Questions shown in the diagram:
- Which Employee is in which department?
- Who is managing?
- Which Users are in which AD Groups?
- Can you please go to the Attestation Website and fill out the form?

Steps shown in the diagram:
- Employee data flows into MV
- User Group memberships flows into MV
- User, Groups and Employee data flows into BHOLD
- A new Campaign is created
- [...]s are sent to Stewards
- Steward fills out the form
- Corrections are sent to BHOLD
- Corrections are de-provisioned in AD

[Diagram: Self Service request flow. Components: Active Directory, FIM Sync Svc (CS, MV, MV Extn), AD MA, BHOLD MA, BHOLD, BHOLD Self Service, FIM Portal.]

Callouts shown in the diagram:
- Manager makes a Request
- Request becomes a Workflow
- FIM2010 sends out Approval messages
- Manager opens Self Service Portal
- “Can this User get this Role?” “Yes, he can!”
- Role Owner approves request
- Available Roles and Employees
- Request is Approved
- Role is assigned to User
- Groups are linked to Accounts in AD
- Groups are linked to Accounts
- What can this Manager Request?
