Identity and Access Management – Page 17

How to embed Power BI Reports into the Microsoft Identity Manager Portal

24th of January, 2017 / Darren Robinson / No Comments

About seven years ago at a conference in Los Angeles I attended I remember a session where a consultant from Oxford Computer Group gave a presentation on integrating Quest Identity Manager (now Dell One Identity Manager) with the Forefront Identity Manager Portal. I’ve recently had a requirement to do something similar and Carol pointed me in the direction of her experiments with doing something similar based off inspiration from that same presentation/session.
Well it is now 2017 and FIM and SharePoint have all moved through a few versions and doing something similar has changed.… [Keep reading] “How to embed Power BI Reports into the Microsoft Identity Manager Portal”

ADFS v 3.0 (2012 R2) Migration to ADFS 4.0 (2016) – Part 2

23rd of January, 2017 / Peter Aram / 17 Comments

In Part 1 of this series we have been getting ready for our ADFS v3.0 migration to ADFS v4.0 (ADFS 2016).
In part 2 we will cover the migration process, step-by-step. However, a friendly reminder that this series does not cover installation of ADFS and federation from scratch. This post assumes you already have a federated domain and Single Sign On (SSO) for your applications.

You may notice domain change and federation service name change from swayit.com.au

… [Keep reading]

ADFS v 3.0 (2012 R2) Migration to ADFS 4.0 (2016) – Part 1

20th of January, 2017 / Peter Aram / 2 Comments

Introduction
With the release of Windows Server 2016, Microsoft has introduced new and improved features. One of those features is ADFS 4.0, better known as ADFS 2016.
Organisations have already started leveraging ADFS 2016 as it covers most of their requirement, specially in terms of security.
In this series of blog posts, I will demonstrate how you can upgrade from ADFS v 3.0 (Running Windows Server 2012 R2) to ADFS 2016 (Running Windows Server 2016 Datacenter).… [Keep reading] “ADFS v 3.0 (2012 R2) Migration to ADFS 4.0 (2016) – Part 1”

How to configure a Graphical PowerShell Dev/Admin/Support User Interface for Azure/Office365/Microsoft Identity Manager

16th of January, 2017 / Darren Robinson / No Comments

During the development of an identity management solution I find myself with multiple PowerShell/RDP sessions connected to multiple environments using different credentials often to obtain trivial data/information. It is easy to trip yourself up as well with remote powershell sessions to differing environments. If only there was a simple UI that could front-end a set of PowerShell modules and make those simple queries quick and painless. Likewise to allow support staff to execute a canned set of queries without providing them elevated permissions.… [Keep reading] “How to configure a Graphical PowerShell Dev/Admin/Support User Interface for Azure/Office365/Microsoft Identity Manager”

Resolving "The Microsoft Identity Manager server database could not be successfully populated" installation error

3rd of January, 2017 / Darren Robinson / No Comments

Here is yet another of those Microsoft Identity Manager installation errors that doesn’t give you much information and when looking for a resolution you can’t find an exact match through Dr Google.
Nearing the end of the Microsoft Identity Manager Service and Portal installation you receive the “The Microsoft Identity Manager server database could not be successfully populated” error.
https://dl.dropboxusercontent.com/u/76015/BlogImages/MIMDBNotPopulated/MIM%20DB%20Not%20Populated%20-%20Full.png
Looking into the installation log (which I’m in the good practice of always initiating when doing an installation of the MIM Service/Portal these days eg. … [Keep reading] “Resolving "The Microsoft Identity Manager server database could not be successfully populated" installation error”

Microsoft Identity Manager installation error "Internal Error 2337. 0, Microsoft.MetadirectoryServices.host.dll"

2nd of January, 2017 / Darren Robinson / No Comments

Today I was doing a fresh installation of Microsoft Identity Manger 2016 with Service Pack 1 into a new development environment. The exact binary is “en_microsoft_identity_manager_2016_with_service_pack_1_x64_dvd_9270854”
Not too far into the installation of the Microsoft Identity Manager Synchronization Server I got the “Internal Error 2337. 0, Microsoft.MetadirectoryServices.host.dll” error as shown below.
https://dl.dropboxusercontent.com/u/76015/BlogImages/MIM2016SP1InstallError/MIM%202337%20Install%20Error.png
Doing a few searches didn’t throw me any bones. I could see that the installation had added the MIM Sync Server Service Account to the Logins on the SQL Server.… [Keep reading] “Microsoft Identity Manager installation error "Internal Error 2337. 0, Microsoft.MetadirectoryServices.host.dll"”

Azure AD Connect pass-through authentication. Yes, no more AD FS required.

8th of December, 2016 / Lucian Franghiu / 18 Comments

Originally posted on Lucian.Blog. Follow Lucian on Twitter: @LucianFrango.

***

Yesterday I received a notification email from Alex Simons (Director of PM, Microsoft Identity Division) which started like this:

Todays news might well be our biggest news of the year. Azure AD Pass-Through Authentication and Seamless Single Sign-on are now both in public preview!

So I thought I’d put together a streamlined overview of what this means for authentication with regards to the Microsoft Cloud and my thoughts on if I’d use it.… [Keep reading] “Azure AD Connect pass-through authentication. Yes, no more AD FS required.”

Real world Azure AD Connect: the case for TWO Azure AD Connect servers

6th of December, 2016 / Lucian Franghiu / 4 Comments

I was exchanging some emails with an account manager (Andy Walker) at Kloud and thought the exchange would be for some interesting reading. Here’s the outcome in an expanded and much more helpful (to you dear reader) format…

***

Background

When working with the Microsoft Cloud and in particular with identity, depending on some of the configuration options, it can be quite important to have Azure AD Connect highly available. Unfortunately for us, Microsoft has not developed AADConnect to be highly available.… [Keep reading] “Real world Azure AD Connect: the case for TWO Azure AD Connect servers”

Real world Azure AD Connect: multi forest user and resource + user forest implementation

2nd of December, 2016 / Lucian Franghiu / 17 Comments

Disclaimer: During October I spent a few weeks working on this blog posts solution at a customer and had to do the responsible thing and pull the pin on further time as I had hit a glass ceiling. I reached what I thought was possible with Azure AD Connect. In comes Nigel Jones (Identity Consultant @ Kloud) who, through a bit of persuasion from Darren (@darrenjrobinson), took it upon himself to smash through that glass ceiling of Azure AD Connect and figured this solution out.

… [Keep reading]

Azure AD Connect – Using AuthoritativeNull in a Sync Rule

1st of December, 2016 / David Minnelli / No Comments

There is a feature in Azure AD Connect that became available in the November 2015 build 1.0.9125.0 (listed here), which has not had much fanfare but can certainly come in handy in tricky situations. I happened to be working on a project that required the DNS domain linked to an old Office 365 tenant to be removed so that it could be used in a new tenant. Although the old tenant was no long used for Exchange Online services, it held onto the domain in question, and Azure AD Connect was being used to synchronise objects between the on-premise Active Directory and Azure Active Directory.… [Keep reading] “Azure AD Connect – Using AuthoritativeNull in a Sync Rule”