Identity Management Documentation
Applies To: Forefront Identity Manager 2010
FIM 2010 Documentation Summary
Start Here
| Title | Description |
|---|---|
Guidance for how to use the Microsoft® Forefront® Identity Manager (FIM) 2010 2010 and Microsoft® Forefront Identity Manager Certificate Management (FIM CM) documentation. |
|
This document is an overview of FIM and how it provides solutions in the identity technology problem space. |
|
This document provides information about the latest changes to FIM and FIM CM. |
Planning and Architecture
| Title | Description |
|---|---|
This guide describes how different hardware configuration options affect the performance of a server hosting FIM. The configuration options discussed are processors (quantity and speed), database location, memory, disks and network. |
|
This document provides recommendations for deploying the FIM components in various physical topologies, and setting up for high availability. |
Technical Concepts
| Title | Description |
|---|---|
This document explains how management policy rules (MPRs), resources and sets, workflows, and requests work together to define business policies that control entitlements of people, applications, or other services to critical resources. |
|
This document describes the elements and components of the FIM Portal, and how it can be configured and customized for your environment. |
|
This document discusses the components and structure of the FIM schema: resource types, attributes, and bindings. |
|
The ability to manage distributed identity information from a central point is key component of the FIM architecture. This process is governed by a well-defined and customizable set of synchronization rules. The objective of this document is to explain how you can use the FIM Synchronization Service to synchronize data with external systems. |
|
With expected state detection (ESD), you can detect the custom states of objects in your managed external systems in FIM and configure a response to them. The objective of this document is to give you an overview of ESD, to explain how ESD works, and to discuss advanced ESD solutions. |
Getting Started
| Title | Description |
|---|---|
This document describes the steps necessary for implementing a basic working synchronization scenario. It contains a set of common configurations that you need to perform as a prerequisite for many of the companion Getting Started guides. |
|
This document provides step-by-step examples that demonstrate how to modify and customize the FIM Portal, including adding customized logos, modifying the SharePoint theme, and creating custom views. |
|
This document provides step-by-step examples that demonstrate how to manage security and distribution groups in your environment. |
|
This document demonstrates and highlights the filter builder feature in FIM that you can use to define criteria-based membership for a Security Group. |
|
This document demonstrates and highlights the option to enable nonadministrators to manage Distribution Groups. |
|
This document provides step-by-step examples that demonstrate how to design and implement management policy rules. |
|
This document provides step-by-step examples that demonstrate how to create, view, modify, and delete resources and attributes by using the FIM Portal. |
|
This document provides step-by-step examples that demonstrate how to fine-tune the object and attribute flow between FIM and the related connected data sources by configuring inbound synchronization rules. |
|
This document provides step-by-step examples that demonstrate how to fine-tune the object and attribute flow between FIM and the related connected data sources by configuring inbound synchronization rules. |
|
This document demonstrates request and approval management using the FIM Portal and FIM Add-in for Outlook. It describes how to create workflow activities for notification and approvals, how to submit a request to join a group, and how to search for and approve such requests using both the FIM Portal and Outlook 2007 with the FIM Add-in for Outlook. |
|
Introduction to Publishing To Active Directory from Two Authoritative Data Sources |
This document demonstrates how to populate Active Directory® users from two authoritative data sources without developing a rules extension source code. |
Deployment
| Title | Description |
|---|---|
This document outlines the steps and processes involved in migrating your ILM 2007 environment to FIM 2010 R2 2010. |
|
This document describes the prerequisites and steps necessary to install the FIM Service, the FIM Synchronization Service, the FIM Portal, and the FIM Add-in for Outlook. |
|
This document provides configurations and procedures to be performed after a successful installation. Depending on your environment, some of these tasks may be optional. |
|
This document describes the steps for migrating configuration data from a test environment to the FIM Service and the FIM Synchronization Service. |
|
This document provides end-to-end steps for synchronizing custom resources and attributes to Active Directory. |
|
This document provides instructions to help you to configure the password reset and registration feature by using the FIM Portal. |
|
How Do I Synchronize Users from Active Directory Domain Services to FIM |
This guide walks you through the main building blocks that are involved in the process of populating FIM with user data from Active Directory® Domain Services (AD DS), describes how you can verify whether your scenario works as expected, provides suggestions for managing Active Directory users by using FIM, and lists additional sources for information. |
How Do I Synchronize Groups from Active Directory Domain Services to FIM |
This guide walks you through the main building blocks that are involved in the process of populating FIM with group data from AD DS, describes how you can verify whether your scenario works as expected, provides suggestions for managing Active Directory groups by using FIM, and lists additional sources for information. |
How do I Provision Users to Active Directory Domain Services |
This guide walks you through the main building blocks that are involved in the process of provisioning users from FIM to AD DS, describes how you can verify whether your scenario works as expected, provides suggestions for managing Active Directory users by using FIM, and lists additional sources for information. |
How do I Provision Groups to Active Directory Domain Services |
This guide walks you through the main building blocks that are involved in the process of provisioning groups from FIM to AD DS, describes how you can verify whether your scenario works as expected, provides suggestions for managing Active Directory groups by using FIM, and lists additional sources for information. |
Operations
| Title | Description |
|---|---|
The document provides guidance and tips for deploying, maintaining, and troubleshooting FIM. |
|
This guide describes the steps for locating data in FIM server-side components, finding resources to perform the actual backup, and then restoring the data in a test environment. |
|
This document provides guidance for diagnosing common issues with FIM. |
|
This guide presents context and instructions for deploying the FIM 2010 Management Pack. |
Technical Reference
| Title | Description |
|---|---|
This document lists the management agents that are provided by FIM and the supported versions of those connected directories. |
|
This document describes the XML configuration that is used by Resource Control Display Configurations (RCDCs) to customize the text, views, and controls in the FIM Portal. |
|
This document is a lexicon of commonly used identity management terms, as well as terms that are specific to FIM and FIM CM. |
|
These documents describe the Windows PowerShell tools that you can use when you migrate configurations between your FIM test environment into production. |
Common Tasks
This section contains suggested approaches to the FIM documentation.
If you are new to FIM 2010
For an overview for FIM, see Understanding FIM 2010.
For planning and design decisions, see the Capacity Planning Guide and the Pre-Installation and Topology Configuration Guide.
For information on which versions of connected directories are supported by FIM, see Management Agents in FIM 2010.
For more detailed description of key FIM concepts, see Designing Business Policy Rules and Understanding Data Synchronization with External Systems in the Technical Concepts section.
To get familiar with FIM features in a simple lab environment, see the Introduction to… guides in the Getting Started section.
If you are migrating from ILM 2007 to FIM 2010
To find out what's new in FIM, see the Release Notes.
For an overview for FIM including its capabilities, see the FIM 2010 Technical Overview.
For migration planning and issues, see Migrating from ILM 2007 to FIM 2010.
To determine whether you need to make hardware changes, see the Capacity Planning Guide and the Pre-Installation and Topology Configuration Guide.
To learn how Business Policy Rules are different in FIM, see Designing Business Policy Rules.
To learn about using Windows PowerShell scripts to migrate a FIM configuration from your lab to productions, see Windows PowerShell Configuration Tools for FIM 2010.
To learn how synchronizing and provisioning users and groups is different in FIM, see the following guides:
For pre-installation design and planning
For planning and design decisions, see the Capacity Planning Guide and the Pre-Installation and Topology Configuration Guide.
For best practice guidance, see the Best Practices for FIM 2010.
For information about which versions of connected directories are supported by FIM, see Management Agents in FIM 2010.
To learn how to design Business Policy Rules and data flow in FIM, see Designing Business Policy Rules.
For user and group management
To become familiar with user and group management in FIM, see the following guides:
If you are already familiar with ILM 2007 and you want to learn how synchronizing and provisioning users and groups is different in FIM, see the following guides:
For data synchronization with external systems
For information about synchronizing data, see Understanding Data Synchronization with External Systems.
For guidance about synchronization rules and flowing data in and out of FIM, see Introduction to Inbound Synchronization and Introduction to Outbound Synchronization.
For customizing your FIM 2010 environment
To customize the look and feel of SharePoint sites and the FIM Portal pages, see Introduction to Configuring and Customizing the FIM Portal.
To learn about creating custom resources and attributes in your environment, see Introduction to Custom Resource and Attribute Management.
For an overview of extensibility options, see the Forefront Identity Manager Extensibility Roadmap
For operational maintenance on your FIM 2010 environment
For best practice guidance, see the Best Practices for FIM 2010.
For diagnosing errors and issues, see Troubleshooting FIM 2010.
For backup up your system and data, see the FIM 2010 Backup and Restore Guide.
Additional references
For additional references and guidance, see: