FIM 2010 Archive: Ramp Up - Implementing Forefront Identity Manager 2010
This page is an archive of the old FIM 2010 Ramp Up page, to avoid losing access to some valuable basic documents.
Some of the content (like the virtual labs) have been taken offline.
The labs and documents are public versions of the FIM 2010 introduction course at Implementing Forefront Identity Manager 2010 (https://technet.microsoft.com/en-us/ff793470)
This course introduces and explains the features and capabilities of Microsoft Forefront Identity Manager 2010 (FIM), and provides an overview of the solution scenarios that FIM addresses. The course format includes presentations, discussions, demonstrations, and many hands-on exercises. It is intended for students who have no previous Forefront Identity Manager 2010 or Microsoft Identity Lifecycle Manager 2007 (ILM) experience.
After completing this course, students will be able to:
- Understand FIM concepts and components.
- Identify appropriate FIM scenarios.
- Manage users, groups, and passwords using FIM.
- Synchronize identity data across systems, such as Active Directory and HR.
- Understand the issues involved in loading data (initial load, backup, and disaster recovery).
- Configure security for different levels of user.
- Manage password self-service reset and synchronization.
- Automate run cycles.
- Handle sets, simple workflows, and management policy rules (MPRs).
Learning Resources
Published on: June 14, 2010
.png){kind=link}
Introducing Forefront Identity Manager 2010
This module is a tour of many of the built-in features of FIM focusing on the user experience. The student will explore the FIM interface, the high-level architecture of FIM, and the business needs that FIM addresses. In this module, the student will examine FIM in its installed and configured state, whereas the rest of the course will be spent understanding how FIM works and building the fully configured FIM from a raw installation. The lab explores creating a new user, managing groups and credentials for that user, and the experience of that new user.
- Article: Introducing Forefront Identity Manager 2010 Student Manual
- Video: Introducing Forefront Identity Manager 2010 Presentation
.png){kind=link}
The Synchronization Service Manager
This module introduces the FIM Synchronization Service Manager and explains its features through scenarios that do not use the FIM Portal. It introduces the main tools (such as Metaverse Designer, Operations Tool, and Joiner), and covers the basic configuration of a Management Agent along with running profiles, results verification, and simple Metaverse search. During the lab, students will create a new Management Agent for a simple HR system.
- Article: The Synchronization Service Manager Student Manual
- Video: The Synchronization Service Manager Presentation
.png){kind=link}
More about Synchronization
This module looks at various types of Management Agent (MA), including LDAP and file-based sources. It covers concepts such as schema discovery, filters, joins and projection rules, connectors and disconnectors, joining, provisioning, deprovisioning, and different kinds of attribute flow. In the lab, students create two more Management Agents and establish a simple data-driven scenario for managing a directory (AD LDS).
.png){kind=link}
The FIM Service and Portal
This module introduces the Forefront Identity Manager (FIM) Service with its associated portal and application database, initially as a standalone application, while covering the key concepts of Sets and Management Policy Rules (MPRs) through user management. The module then looks at how you integrate the FIM Service with the FIM Synchronization Service, by using the FIM Service Management Agent (MA) to synchronize data.
.png){kind=link}
Managing Synchronization from the Portal
This module explores the creation of an Active Directory MA, and configuration via the portal to manage mailbox-enabled users in AD. Aspects of this process include synchronization rules, workflows, and management policy rules, including complex attribute flows. In the labs, students configure FIM so that users are automatically created (provisioned) into AD, renamed, and removed (deprovisioned) as necessary.
- Article: Managing Synchronization from the Portal Student Manual
- Video: Managing Synchronization from the Portal Presentation
.png){kind=link}
Credential Management
This module primarily explores passwords. First, it addresses the essentials of Certificate Management and then explores in detail the self-service password reset and password synchronization functions. The two labs cover all aspects of password management in FIM (with the exception of writing custom password management workflows and extensions).
.png){kind=link}
Group Management
This module covers the management of distribution and security groups, including the relationship between groups in Active Directory and other systems. Synchronization rules, workflows, and MPRs are explored further, along with the configuration of workflow approvals.
.png){kind=link}
Other Considerations
This module examines management policy rules (MPRs)—perhaps the most important feature of FIM. It explores the different types of management policy rules, their different uses, how they are processed, and how to troubleshoot them. Then it examines some operational considerations, such as the management of run cycles using scripts, and also covers backup, restore, and disaster recovery.