What’s New in FIM 2010
         RC1
Agenda
•   Major themes in RC1
•   Manageability improvements
•   Developer-visible changes
•   Improvements by scenario
 ...
Forefront Identity Manager


               Provides Office-based self-service tools
 Empowers
               SharePoint a...
Forefront Identity Manager
             SharePoint-based console for policy authoring, enforcement & auditing
   Policy
Ma...
Releases
•   ILM 2007
•   ILM 2007 FP1
•   ILM 2007 FP1 SP1

•   ILM “2” RC0:  4Q CY 2008
•   FIM 2010 RC1: 3Q CY 2009
•  ...
Major Themes in FIM 2010 RC1
•   Rebranding
•   General improvements
    − Manageability and deployability
    − Usability...
FIM 2010 RC1
RC1: Forefront Rebranding
        ILM “2” RC                          FIM 2010 RC1
Identity Lifecycle Manager “2”   Micros...
New Manageability Features
•   Management Policy Rules
    − MPR Explorer
    − Individual MPRs can be disabled
•   Config...
MPR Explorer
MPR Explorer
MPR Explorer
Configuration Migration Tools
•   PowerShell commands to copy select
    configuration settings between FIM Services
    −...
Configuration Migration Tools
1. Retrieve configuration from pilot FIM Service.
Configuration Migration Tools
2. Retrieve configuration from production FIM Service.
Configuration Migration Tools
3. Merge pilot and production configurations, compute differences.
Configuration Migration Tools
4. Apply changes to production FIM Service.
SCOM Management Pack
Collects and reports on Health Events generated by FIM
    Component      # Monitors    # Events
    ...
SCOM Management Pack
Operational Changes
•   User Access
    − Users in FIM Service Database will be identified by
      ObjectSID rather than ...
Developer Impact
•   Can configure a search scope to be used to specify list
    view attributes to display for custom res...
Change Auditing via Requests
•   At RC0, a web services client could reconstruct resources
    via Requests, or betweenTim...
Group Management Scenario
•   New Requestor Validation activity added for
    group self-service
    − Prevents end users ...
Password Reset Scenario
•   MPRs and their Sets now included by
    default (with MPRs disabled)
•   Windows XP SP2 now su...
Synchronization
•   Added checkbox for use during disaster
    recovery to temporarily disable declarative
    provisionin...
Management Agent Changes
•   Adding support for
    −   Active Directory in Windows Server 2008
    −   SQL Server 2008
  ...
Other End-User Improvements
•   Localization
    − FIM Service and Portal:
      Chinese (Simplified &
      Traditional),...
Scalability in RC1
•   FIM being be tested to Microsoft scale
Certificate Management
•   More documentation for 3rd party CA API
•   Bug fixes
Preparing Systems for RC1
•   Platform Prerequisites
    − FIM Service, FIM Sync, FIM CM
      − Windows Server 2008 (64-b...
Documentation and FIM Forum
•   IT Pro doc updates on TechNet
•   SDK doc updates on MSDN
•   FIM Forum
      http://go.mi...
Summary
•   RC1 brings
    − numerous bug fixes
    − performance/scale improvements
    − feature manageability/usability...
Upcoming SlideShare
Loading in …5
×

Microsoft Forefront - What’s New in FIM 2010 RC1 Presentation

2,033 views

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
2,033
On SlideShare
0
From Embeds
0
Number of Embeds
19
Actions
Shares
0
Downloads
71
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Microsoft Forefront - What’s New in FIM 2010 RC1 Presentation

  1. 1. What’s New in FIM 2010 RC1
  2. 2. Agenda • Major themes in RC1 • Manageability improvements • Developer-visible changes • Improvements by scenario − group management − password reset − provisioning
  3. 3. Forefront Identity Manager Provides Office-based self-service tools Empowers SharePoint admin console to manage identities People Greater productivity through faster time to resolution Delivers Reduces costs through automation and self-service Agility and Maximizes existing investments in Identity Infrastructure Efficiency Integrates with familiar developer tools to enable new scenarios Increases Integrates identity, credential, and access management Security and Implements a rich permissions and delegation model Compliance Enables system auditing and compliance
  4. 4. Forefront Identity Manager SharePoint-based console for policy authoring, enforcement & auditing Policy Management Extensible WS– * APIs and Windows Workflow Foundation workflows Heterogeneous identity synchronization and consistency Heterogeneous certificate management with Windows & 3rd party CAs Credential Management of multiple credential types Management Self-service password reset integrated with Windows logon Integrated provisioning of identities, credentials, and resources User Management Automated, codeless user provisioning and de-provisioning Self-service profile management Rich Office-based self-service group management tools Group Offline approvals through Office Management Automated group and distribution list updates
  5. 5. Releases • ILM 2007 • ILM 2007 FP1 • ILM 2007 FP1 SP1 • ILM “2” RC0: 4Q CY 2008 • FIM 2010 RC1: 3Q CY 2009 • FIM 2010 RTM: 1Q CY 2010
  6. 6. Major Themes in FIM 2010 RC1 • Rebranding • General improvements − Manageability and deployability − Usability − Performance and scalability • Bug fixes
  7. 7. FIM 2010 RC1
  8. 8. RC1: Forefront Rebranding ILM “2” RC FIM 2010 RC1 Identity Lifecycle Manager “2” Microsoft Forefront Identity Manager 2010 ILM Service FIM Service MIIS / Sync Engine FIM Synchronization Service CLM FIM Certificate Management Object type Resource type Object Visualization Resource Control Display Configuration Configuration (RCDC) (OVC) http://www.microsoft.com/fim/
  9. 9. New Manageability Features • Management Policy Rules − MPR Explorer − Individual MPRs can be disabled • Configuration Migration Tools • SCOM Management Pack
  10. 10. MPR Explorer
  11. 11. MPR Explorer
  12. 12. MPR Explorer
  13. 13. Configuration Migration Tools • PowerShell commands to copy select configuration settings between FIM Services − Requires FIM Service to be RC1 or later Export-FIMConfig (FIM Pilot) Compare- Import-FIMConfig Join-FIMConfig FIMConfig (FIM Production) Export-FIMConfig (FIM Production) Export Objects Matched Objects Import Objects (.NET Collection) (.NET Collection) (.NET Collection)
  14. 14. Configuration Migration Tools 1. Retrieve configuration from pilot FIM Service.
  15. 15. Configuration Migration Tools 2. Retrieve configuration from production FIM Service.
  16. 16. Configuration Migration Tools 3. Merge pilot and production configurations, compute differences.
  17. 17. Configuration Migration Tools 4. Apply changes to production FIM Service.
  18. 18. SCOM Management Pack Collects and reports on Health Events generated by FIM Component # Monitors # Events FIM Service 9 8 FIM Portal 11 10 FIM Sync 7 6 FIM CM 6 6
  19. 19. SCOM Management Pack
  20. 20. Operational Changes • User Access − Users in FIM Service Database will be identified by ObjectSID rather than AccountName • Workflow − Additional config options for control over maximum number of simultaneous workflows (in scale-out) • Requests − More details in the Request resource to aid in determining why a request denied or failed • Patching − Patches after RC1 delivered via Microsoft Update
  21. 21. Developer Impact • Can configure a search scope to be used to specify list view attributes to display for custom resource types • Changes to XPath for query − “contains()” function now works like SQL Full Text Search − descendants(), betweenTime(), atTime(), allTime() removed − membersof() changed syntax • Changes to Activities − Removed ScriptHostActivity − Removed ResourceTemplateActivity, EnumerateResourceIterationActivity (as duplicate other activities) • Blog http://blogs.msdn.com/imex/ to be updated after RC1
  22. 22. Change Auditing via Requests • At RC0, a web services client could reconstruct resources via Requests, or betweenTime, atTime and allTime functions • At RC1, a web service client will be able to reconstruct resources via Requests − More attributes on Request, and new creator and target fields in RequestParameters values available − Configurable request trimming interval to auto-delete requests which have been archived • Blog at http://blogs.technet.com/doittoit/ to be updated after RC1
  23. 23. Group Management Scenario • New Requestor Validation activity added for group self-service − Prevents end users from removing others from groups • Portal will show which members of security groups do not meet AD requirements
  24. 24. Password Reset Scenario • MPRs and their Sets now included by default (with MPRs disabled) • Windows XP SP2 now supported • New configuration options − Users can be required to type their login passwords prior to registration − Clients can be configured to not check whether the user is registered on each login
  25. 25. Synchronization • Added checkbox for use during disaster recovery to temporarily disable declarative provisioning − Already present for scripted provisioning • Added IsPresent function for Sync Rules • Additional scope control options − NotContains, NotStartsWith, NotEndsWith • Bidirectional sync rules can be defined
  26. 26. Management Agent Changes • Adding support for − Active Directory in Windows Server 2008 − SQL Server 2008 − Novell eDirectory 8.8 − Sun Java System DS 6.2 − IBM DB2 9.1, 9.5 • Connecting to RACF, ACF2, OS400, TopSecret will be via ILM 2007FP1
  27. 27. Other End-User Improvements • Localization − FIM Service and Portal: Chinese (Simplified & Traditional), Dutch, English, French, German, It alian, Japanese, Portuguese, Spanish − FIM Outlook add-in & password reset: 35 languages/locales (no right-to-left) • All mail messages will be customizable
  28. 28. Scalability in RC1 • FIM being be tested to Microsoft scale
  29. 29. Certificate Management • More documentation for 3rd party CA API • Bug fixes
  30. 30. Preparing Systems for RC1 • Platform Prerequisites − FIM Service, FIM Sync, FIM CM − Windows Server 2008 (64-bit) − FIM Portal − Windows Server 2008 (64-bit) − Windows SharePoint Services − FIM Service and FIM Sync Databases − SQL Server 2008 CU2 or later, including SP1 − SQL’s Full Text Search now required for RC1
  31. 31. Documentation and FIM Forum • IT Pro doc updates on TechNet • SDK doc updates on MSDN • FIM Forum http://go.microsoft.com/fwlink/?LinkID=163230 − Greatest hits http://go.microsoft.com/fwlink/?LinkID=163459 − ScriptBox http://go.microsoft.com/fwlink/?LinkID=160098
  32. 32. Summary • RC1 brings − numerous bug fixes − performance/scale improvements − feature manageability/usability improvements • Your feedback is requested − Help us and customer deployments prepare for RTM!

×