Multi-Threading Granfeldt PowerShell Management Agent Imports

30th of August, 2019 / Darren Robinson / No Comments

As I’m sure you are familiar (with my many posts on the topic), the Granfeldt PowerShell Management Agent is extremely flexible. When used to integrate Microsoft Identity Manager with modern REST API’s it is easy to retrieve pages of results from a REST API and process the objects through the Management Agent. However sometimes you need to integrate Microsoft Identity Manager with an API (e.g. a SOAP WebService) that doesn’t provide functionality to page results.… [Keep reading] “Multi-Threading Granfeldt PowerShell Management Agent Imports”

Microsoft Identity Manager PowerShell Management Agent for Oracle Internet Directory

18th of June, 2019 / Darren Robinson / No Comments

Why a FIM/MIM PowerShell Management Agent for Oracle Internet Directory? Why not just use the Generic LDAP Connector for Microsoft Identity Manager? I needed an integration solution that was able to update an Oracle Database behind Oracle Internet Directory. That meant I required a solution that was able to use LDAP to get visibility as to who/what was in OID, but then make updates into an Oracle DB. That functionality I wanted to be contained on a single Management Agent, not an MA for the Database and another for LDAP.… [Keep reading] “Microsoft Identity Manager PowerShell Management Agent for Oracle Internet Directory”

SailPoint IdentityNow Roles Management Agent for Microsoft Identity Manager

25th of January, 2019 / Darren Robinson / No Comments

This is the first post in a series where I will provide a number of base-level Management Agents for Microsoft Identity Manager to integrate with SailPoint IdentityNow. Whilst the two products have areas of competing/equivalent functionality there are other aspects where integration of the two compliment each other. Whilst that is not the purpose of this post, through the series of upcoming posts it will be relatively easy to extrapolate how the two products can happy co-exist and orchestrate each other for certain functions.… [Keep reading] “SailPoint IdentityNow Roles Management Agent for Microsoft Identity Manager”

Using Invoke-WebRequest calls within a Granfeldt PowerShell MA for Microsoft Identity Manager

13th of December, 2018 / Darren Robinson / No Comments

If you use PowerShell extensively you should be familiar with the Invoke-RestMethod cmdlet and the ability for PowerShell to call API’s and receive information. The great thing about Invoke-RestMethod is the inbuilt conversion of the results to PowerShell Objects. However there are times when you need the raw response (probably because you are trying to bend things in directions they aren’t supposed to be; story of many of my integrations).

From within Granfeldt PowerShell Management Agent script(s) that use Invoke-WebRequest calls, these will in turn leverage the Internet Explorer COM API on the local machine.… [Keep reading] “Using Invoke-WebRequest calls within a Granfeldt PowerShell MA for Microsoft Identity Manager”

Adding Delta Sync Support to the Microsoft Identity Manager PowerShell Management Agent for Workday HR

31st of October, 2018 / Darren Robinson / No Comments

Recently I posted a sample Microsoft Identity Manager Management Agent for Workday HR. Subsequently I also posted about some updates I made to the WorkdayAPI PowerShell Module to enable functionality to specify the time period to return changes for. This post details updating my sample Workday Management Agent to support Delta Synchronisation.

WorkdayAPI PowerShell Module

First up you will need the updated WorkdayAPI PowerShell Module that provides the Get-WorkdayWorkerAdv cmdlet and can take a time period to return information for.… [Keep reading] “Adding Delta Sync Support to the Microsoft Identity Manager PowerShell Management Agent for Workday HR”

Building a Microsoft Identity Manager PowerShell Management Agent for Workday HR

25th of September, 2018 / Darren Robinson / No Comments

Update 29 August 2019 See this post for multi-threading Granfeldt PowerShell Management Agent Imports (with Workday as an example).

Before I even get started with this post, let me state that the integration I describe here is not a standalone solution. Integrating with Workday for any organisation of significant size will require multiple integration points each providing coverage for the scenarios for your implementation. I list a few in this post, but Alexander Filipin has already done an awesome job here.… [Keep reading] “Building a Microsoft Identity Manager PowerShell Management Agent for Workday HR”

Automate the Generation of a Granfeldt PowerShell Management Agent Schema Definition File

24th of September, 2018 / Darren Robinson / No Comments

Generating Schema.ps1 for the Granfeldt FIM/MIM PowerShell Management Agent

Getting started writing your first Forefront/Microsoft Identity Manager Granfeldt PowerShell Management Agent can be a bit daunting. Before you can do pretty much anything you need to define the schema for the PSMA. Likewise if you have written many, the generation of the schema file often seems to take longer than it should and can be a little tedious when all you want to do is write the logic for the Import and Export scripts.… [Keep reading] “Automate the Generation of a Granfeldt PowerShell Management Agent Schema Definition File”

Automating Azure AD B2B Guest Invitations using Microsoft Identity Manager

27th of August, 2018 / Darren Robinson / No Comments

Update: Oct 30 '18 
Also see this post that adds support for Microsoft's updates 
to the Microsoft Graph to include additional information 
about Azure AD B2B Guest users.

Introduction

Earlier this year Microsoft released the Microsoft Identity Manager Azure AD B2B Management Agent. I wrote about using it to write to Azure AD in this post here. As detailed in that post my goal was to write to Azure AD using the MA. I provided an incomplete example of doing that for Guests.… [Keep reading] “Automating Azure AD B2B Guest Invitations using Microsoft Identity Manager”

Provisioning Hybrid Exchange/Exchange Online Mailboxes with Microsoft Identity Manager

19th of December, 2017 / Darren Robinson / 3 Comments

Introduction

Working for Kloud all our projects involve Cloud services, and all our customers have varying and unique requirements. Recently one of our customers embarked on their migration from On-Premise Exchange to Exchange Online. Nothing really groundbreaking there though, however they had a number of unique requirements including management of Litigation Hold. And that needed to be integrated with their existing Microsoft Identity Manager implementation (that currently provisions new users to their Exchange 2013 environment). They also required that management of the Exchange environment still be possible via the Exchange Management Console against a local Exchange server.… [Keep reading] “Provisioning Hybrid Exchange/Exchange Online Mailboxes with Microsoft Identity Manager”

Synchronizing Passwords from Active Directory to the IBM/Lotus Domino Identity Vault using Microsoft Identity Manager – Part 3

11th of August, 2017 / Darren Robinson / No Comments

Introduction

As the title suggests this is Part 3, and the final part in a three-part post on configuring FIM/MIM to synchronise users passwords from AD to the Domino ID Vault via PCNS and FIM/MIM.
Part 1 here detailed the creation of a PowerShell Management Agent to join users from Domino to the MIM Sync Metaverse.
Part 2 here detailed the creation and configuration of the Domino Agents to receive password changes via the PS MA into the ID Vault.… [Keep reading] “Synchronizing Passwords from Active Directory to the IBM/Lotus Domino Identity Vault using Microsoft Identity Manager – Part 3”