An Identity Consultants Summary of the recent Cloud Identity Summit 2017

I’ve just returned from Chicago and the Cloud Identity Summit that was held at the Sheraton Grand Chicago. It was my first CIS conference and reminded me a lot of the now defunct Quest Experts Conference and The Burton Group Conference, both in terms of the content and scale. It definitely had a more intimate feel than the massive Microsoft Ignite category of event which attracts 25k+ attendees. 1400 attendees at CIS was a record for this event, but it still meant you got the 1:1 time with vendors and speakers which is fantastic.…

Integration of Microsoft Identity Manager with Azure Platform-as-a-Service Services

Overview

This isn’t an out of the box solution. This is a bespoke solution that takes a number of elements and puts them together in a unique way. I’m not expecting anyone to implement this specific solution (but you’re more than welcome to) but to take inspiration from it to implement solutions relevant to your environment(s). This post supports a presentation I did to The MIM Team User Group on 14 June 2017.
This post describes a solution that:

  • Leverages an Azure WebApp (NodeJS) to present a simple website.

How to build and deploy an Azure NodeJS WebApp using Visual Studio Code

Update April 2019: The presentation in this post updates the later section of this post, whereby you can easily publish your app to Azure without needing to do all the manual FTP steps.

Introduction

This week I had the need to build a small web application with a reasonably simple front end that will later be integrated inside a Portal. The web application isn’t going to be high use and didn’t necessitate deployment of infrastructure (VMs).…

How to access Microsoft Identity Manager Hybrid Report data using PowerShell, Graph API and oAuth2

Update: Dec 20 2018. See this post that details the changes to the Azure AD Reports and Events REST API.

Hybrid Reporting is a great little feature of Microsoft Identity Manager. A small agent installed on the MIM Sync Server will send reporting data to Azure for MIM SSPR and MIM Group activities. See how to install and configure it here.

But what if you want to get the reporting data without going to the Azure Portal and looking at the Audit Reports?…

Synchronizing Exchange Online/Office 365 User Profile Photos with FIM/MIM

Introduction

This is Part Two in the two-part blog post on managing users’ profile photos with Microsoft FIM/MIM. Part one here detailed managing users’ Azure AD/Active Directory profile photo. This post delves deeper into photos, specifically around Office 365 and the reason why you may want to manage these via FIM/MIM.

Background

User profile photos should be simple to manage. But in a rapidly moving hybrid cloud world it can be a lot more complex than it needs to be.…

How to Synchronize users Active Directory/Azure Active Directory Photo using Microsoft Identity Manager

Introduction

Whilst Microsoft FIM/MIM can be used to do pretty much anything your requirements dictate, dealing with object types other than text and references can be a little tricky when manipulating them the first time. User Profile Photos fall into that category as they are stored in the directory as binary objects. Throw in Azure AD and obtaining and synchronizing photos can seem like adding a double back-flip to the scenario.
This post is Part 1 of a two-part post.…

A quick start guide to leveraging the Azure Graph API with PowerShell and oAuth 2.0

Update Oct 2019: See this post for simplifying oAuth Authentication to Microsoft Graph using PowerShell and the MSAL (Microsoft Authentication Libraries)

Introduction

In September 2016 I wrote this post detailing integrating with the Azure Graph API via PowerShell and oAuth 2.0.

Since that point in time I’ve found myself doing considerably more via PowerShell and the Graph API using oAuth. I regularly find myself leveraging previous scripts to generate a new script for the initial connection.…

Using the Lithnet PowerShell Modules to generate full object metadata FIM/MIM HTML Reports


How many times have you wanted a consolidated report out of FIM/MIM for an object? What connectors does it have, what are the values of the attributes, which Management Agent contributed the value(s) and when? Individually of course you can get that info using the Metaverse Search and looking at the object in MIM Portal. But what if you wanted it all with a single query? This blog post provides an approach to doing just that.…

Scripting queries for Lithnet Get-MVObject searches into the Microsoft Identity Manager Metaverse

It probably seems obvious by now, but I seem to live in PowerShell and Microsoft Identity Manager. I’m forever looking into the Microsoft Identity Manager Metaverse for objects.
However, sometimes I get tripped up by the differences in Object Classes between the FIM/MIM Service and the Metaverse, the names of the Object Classes (obviously not Person, Group and Contact) and in situations where they are case-sensitive. If you’re using the Sync Service Manager Metaverse Search function though you get a pick list.…

Scripting the generation & creation of Microsoft Identity Manager Sets/Workflows/Sync & Management Policy Rules with the Lithnet Resource Management PowerShell Module

Introduction

Yes, that title is quite a mouthful. And this post is going to be quite long. But worth the read if you are having to create a number of rules in Microsoft/Forefront Identity Manager, or even more so the same rule in multiple environments (e.g. Dev, Staging, Production).
My colleague David Minnelli introduced using the Lithnet RMA PowerShell Module and the Import-RMConfig cmdlet recently for bulk creation of MIM Sets and MPRs. David has a lot of the background on Import-RMConfig and getting started with it.…