Microsoft Identity Manager 2016 Handbook

A complete handbook on Microsoft Identity Manager 2016 – from design considerations to operational best practices

David Steadman, Jeff Ingalls


Book Details

ISBN 13: 9781785283925
Paperback: 692 pages

Book Description

Microsoft Identity Manager 2016 is Microsoft’s solution to identity management. When fully installed, the product utilizes SQL, SharePoint, IIS, web services, the .NET Framework, and SCSM to name a few, allowing it to be customized to meet nearly every business requirement.

The book is divided into 15 chapters and begins with an overview of the product, what it does, and what it does not do. To better understand the concepts in MIM, we introduce a fictitious company with its problems and goals, then build an identity solution to fit those goals. Over the course of this book, we cover topics such as MIM installation and configuration, user and group management options, self-service solutions, role-based access control, reducing security threats, and finally operational troubleshooting and best practices.

By the end of this book, you will have gained the necessary skills to deploy, manage and operate Microsoft Identity Manager 2016 to meet your business requirements and solve real-world customer problems.

Table of Contents

Chapter 1: Overview of Microsoft Identity Manager 2016
The Financial Company
The challenges
The environment
Moving forward
The history of Microsoft Identity 2016
MIM Synchronization Service
MIM Portal and Service
MIM Certificate Management
Role-Based Access Control (RBAC) with BHOLD
MIM Reporting
Privilege Access Management
Licensing
Summary
Chapter 2: Installation
Capacity planning
Separating roles
Hardware
Installation order
Prerequisites
Installation
Post-installation configuration
Summary
Chapter 3: MIM Sync Configuration
MIM Synchronization interface
Creating Management Agents
Creating a rules extension
The Metaverse rules extension
Schema management
Initial load versus scheduled runs
Summary
Chapter 4: MIM Service Configuration
MIM Service request processing
The MIM Service Management Agent
Understanding the portal and UI
Summary
Chapter 5: User Management
Additional sync engine information
Portal MPRs for user management
Configuring sets for user management
Inbound synchronization rules
Outbound synchronization rules
Provisioning
Managing users in a phone system
Managing users in Active Directory
Temporal sets
Self-service using MIM Portal
Managing Exchange
More considerations
Summary
Chapter 6: Group Management
Group scope and types
Modifying MPRs for group management
Managing groups in AD
Installing client add-ins
Creating and managing distribution groups
Summary
Chapter 7: Role-Based Access Control with BHOLD
Role-based access control
Installation
Access Management Connector
MIM/FIM Integration
Attestation
Reporting
Summary
Chapter 8: Reducing Threats with PAM
Why deploy PAM?
PAM components
How does it work?
System requirements
Considerations
Our scenario
Installing PAM
User experience
PAM in the MIM service
The sample PAM portal
Multi-factor authentication
Summary
Chapter 9: Password Management
SSPR background
Installing self-service password reset
Enabling password management in AD
Allowing MIM Service to set passwords
Configuring MIM Service
The SSPR user experience
SSPR lockout
Password synchronization
Password Change Notification Service
Summary
Chapter 10: Overview of Certificate Management
What is certificate management?
Certificate management components
Certificate management agents
The certificate management permission model
Summary
Chapter 11: Installation and the Client Side of Certificate Management
Installation and configuration
Certificate management clients
Summary
Chapter 12: Certificate Management Scenarios
Modern app and TPM virtual smart card
Using support for Non-MIM CM
Multiforest configuration
ADFS configuration
Models at a glance
Summary
Chapter 13: Reporting
Verifying the SCSM setup
Default reports
The SCSM ETL process
Looking at reports
Modifying reports
Hybrid reporting in Azure
Summary
Chapter 14: Troubleshooting
The basics
Operation statistics
A simple data problem
Rule extension debugging and logging
Rule extension logging
MIM service request failures
Debugging a custom activity
Increasing application logging
Password change notification service
Summary
Chapter 15: Operations and Best Practices
Expectations versus reality
Automating run profiles
Best practices concepts
Backup and restore
Backing up the synchronization encryption key
Restoring the MIM synchronization DB
Restoring the MIM service DB and portal
Additional backup considerations
Operational health
Database maintenance
SQL best practices
MIM synchronization best practices
MIM portal best practices
Other best practices
Summary

What You Will Learn

  • Install MIM components
  • Find out about the MIM synchronization, its configuration settings, and advantages
  • Get to grips with the MIM service capabilities and develop custom activities
  • Use the MIM Portal to provision and manage an account
  • Mitigate access escalation and lateral movement risks using privileged access management
  • Configure client certificate management and its detailed permission model
  • Troubleshoot MIM components by enabling logging and reviewing logs
  • Back up and restore the MIM 2015 configuration
  • Discover more about periodic purging and the coding best practices
