microsoft forefront - what’s new in fim 2010 rc1 presentation
DESCRIPTION
TRANSCRIPT
![Page 1: Microsoft Forefront - What’s New in FIM 2010 RC1 Presentation](https://reader030.vdocuments.us/reader030/viewer/2022020306/547e9783b47959c5508b4b8e/html5/thumbnails/1.jpg)
What’s New in FIM 2010 RC1
![Page 2: Microsoft Forefront - What’s New in FIM 2010 RC1 Presentation](https://reader030.vdocuments.us/reader030/viewer/2022020306/547e9783b47959c5508b4b8e/html5/thumbnails/2.jpg)
Agenda
• Major themes in RC1• Manageability improvements• Developer-visible changes• Improvements by scenario
− group management− password reset − provisioning
![Page 3: Microsoft Forefront - What’s New in FIM 2010 RC1 Presentation](https://reader030.vdocuments.us/reader030/viewer/2022020306/547e9783b47959c5508b4b8e/html5/thumbnails/3.jpg)
Forefront Identity Manager
Integrates identity, credential, and access managementImplements a rich permissions and delegation modelEnables system auditing and compliance
Provides Office-based self-service toolsSharePoint admin console to manage identitiesGreater productivity through faster time to resolution
Reduces costs through automation and self-serviceMaximizes existing investments in Identity InfrastructureIntegrates with familiar developer tools to enable new scenarios
Empowers People
Delivers Agility and Efficiency
Increases Security
and Compliance
Software for policy-based management of identities,credentials, and resources across heterogeneous
environments
![Page 4: Microsoft Forefront - What’s New in FIM 2010 RC1 Presentation](https://reader030.vdocuments.us/reader030/viewer/2022020306/547e9783b47959c5508b4b8e/html5/thumbnails/4.jpg)
Forefront Identity Manager
Credential Management
Heterogeneous certificate management with Windows & 3rd party CAsManagement of multiple credential typesSelf-service password reset integrated with Windows logon
GroupManagement
Rich Office-based self-service group management toolsOffline approvals through OfficeAutomated group and distribution list updates
UserManagement
Integrated provisioning of identities, credentials, and resourcesAutomated, codeless user provisioning and de-provisioningSelf-service profile management
PolicyManagement
SharePoint-based console for policy authoring, enforcement & auditingExtensible WS– * APIs and Windows Workflow Foundation workflowsHeterogeneous identity synchronization and consistency
![Page 5: Microsoft Forefront - What’s New in FIM 2010 RC1 Presentation](https://reader030.vdocuments.us/reader030/viewer/2022020306/547e9783b47959c5508b4b8e/html5/thumbnails/5.jpg)
Releases
• ILM 2007• ILM 2007 FP1• ILM 2007 FP1 SP1
• ILM “2” RC0: 4Q CY 2008• FIM 2010 RC1: 3Q CY 2009• FIM 2010 RTM: 1Q CY 2010
![Page 6: Microsoft Forefront - What’s New in FIM 2010 RC1 Presentation](https://reader030.vdocuments.us/reader030/viewer/2022020306/547e9783b47959c5508b4b8e/html5/thumbnails/6.jpg)
Major Themes in FIM 2010 RC1• Rebranding• General improvements
− Manageability and deployability− Usability− Performance and scalability
• Bug fixes
![Page 7: Microsoft Forefront - What’s New in FIM 2010 RC1 Presentation](https://reader030.vdocuments.us/reader030/viewer/2022020306/547e9783b47959c5508b4b8e/html5/thumbnails/7.jpg)
FIM 2010 RC1
![Page 8: Microsoft Forefront - What’s New in FIM 2010 RC1 Presentation](https://reader030.vdocuments.us/reader030/viewer/2022020306/547e9783b47959c5508b4b8e/html5/thumbnails/8.jpg)
RC1: Forefront Rebranding
ILM “2” RC FIM 2010 RC1
Identity Lifecycle Manager “2”
Microsoft Forefront Identity Manager 2010
ILM Service FIM Service
MIIS / Sync Engine FIM Synchronization Service
CLM FIM Certificate Management
Object type Resource type
Object Visualization Configuration(OVC)
Resource Control Display Configuration(RCDC)
http://www.microsoft.com/fim/
![Page 9: Microsoft Forefront - What’s New in FIM 2010 RC1 Presentation](https://reader030.vdocuments.us/reader030/viewer/2022020306/547e9783b47959c5508b4b8e/html5/thumbnails/9.jpg)
New Manageability Features
• Management Policy Rules− MPR Explorer− Individual MPRs can be disabled
• Configuration Migration Tools• SCOM Management Pack
![Page 10: Microsoft Forefront - What’s New in FIM 2010 RC1 Presentation](https://reader030.vdocuments.us/reader030/viewer/2022020306/547e9783b47959c5508b4b8e/html5/thumbnails/10.jpg)
MPR Explorer
![Page 11: Microsoft Forefront - What’s New in FIM 2010 RC1 Presentation](https://reader030.vdocuments.us/reader030/viewer/2022020306/547e9783b47959c5508b4b8e/html5/thumbnails/11.jpg)
MPR Explorer
![Page 12: Microsoft Forefront - What’s New in FIM 2010 RC1 Presentation](https://reader030.vdocuments.us/reader030/viewer/2022020306/547e9783b47959c5508b4b8e/html5/thumbnails/12.jpg)
MPR Explorer
![Page 13: Microsoft Forefront - What’s New in FIM 2010 RC1 Presentation](https://reader030.vdocuments.us/reader030/viewer/2022020306/547e9783b47959c5508b4b8e/html5/thumbnails/13.jpg)
Configuration Migration Tools
• PowerShell commands to copy select configuration settings between FIM Services− Requires FIM Service to be RC1 or later
Export-FIMConfig(FIM Production)
Join-FIMConfigCompare-FIMConfig
Import-FIMConfig(FIM Production)
Export-FIMConfig(FIM Pilot)
Export Objects(.NET Collection)
Import Objects(.NET Collection)
Matched Objects(.NET Collection)
![Page 14: Microsoft Forefront - What’s New in FIM 2010 RC1 Presentation](https://reader030.vdocuments.us/reader030/viewer/2022020306/547e9783b47959c5508b4b8e/html5/thumbnails/14.jpg)
Configuration Migration Tools1. Retrieve configuration from pilot FIM Service.
![Page 15: Microsoft Forefront - What’s New in FIM 2010 RC1 Presentation](https://reader030.vdocuments.us/reader030/viewer/2022020306/547e9783b47959c5508b4b8e/html5/thumbnails/15.jpg)
Configuration Migration Tools2. Retrieve configuration from production FIM Service.
![Page 16: Microsoft Forefront - What’s New in FIM 2010 RC1 Presentation](https://reader030.vdocuments.us/reader030/viewer/2022020306/547e9783b47959c5508b4b8e/html5/thumbnails/16.jpg)
Configuration Migration Tools3. Merge pilot and production configurations, compute differences.
![Page 17: Microsoft Forefront - What’s New in FIM 2010 RC1 Presentation](https://reader030.vdocuments.us/reader030/viewer/2022020306/547e9783b47959c5508b4b8e/html5/thumbnails/17.jpg)
Configuration Migration Tools4. Apply changes to production FIM Service.
![Page 18: Microsoft Forefront - What’s New in FIM 2010 RC1 Presentation](https://reader030.vdocuments.us/reader030/viewer/2022020306/547e9783b47959c5508b4b8e/html5/thumbnails/18.jpg)
SCOM Management Pack
Component # Monitors # Events
FIM Service 9 8
FIM Portal 11 10
FIM Sync 7 6
FIM CM 6 6
Collects and reports on Health Events generated by FIM
![Page 19: Microsoft Forefront - What’s New in FIM 2010 RC1 Presentation](https://reader030.vdocuments.us/reader030/viewer/2022020306/547e9783b47959c5508b4b8e/html5/thumbnails/19.jpg)
SCOM Management Pack
![Page 20: Microsoft Forefront - What’s New in FIM 2010 RC1 Presentation](https://reader030.vdocuments.us/reader030/viewer/2022020306/547e9783b47959c5508b4b8e/html5/thumbnails/20.jpg)
Operational Changes• User Access
− Users in FIM Service Database will be identified by ObjectSID rather than AccountName
• Workflow− Additional config options for control over
maximum number of simultaneous workflows (in scale-out)
• Requests− More details in the Request resource to aid in
determining why a request denied or failed
• Patching− Patches after RC1 delivered via Microsoft
Update
![Page 21: Microsoft Forefront - What’s New in FIM 2010 RC1 Presentation](https://reader030.vdocuments.us/reader030/viewer/2022020306/547e9783b47959c5508b4b8e/html5/thumbnails/21.jpg)
Developer Impact
• Can configure a search scope to be used to specify list view attributes to display for custom resource types
• Changes to XPath for query− “contains()” function now works like SQL Full Text Search− descendants(), betweenTime(), atTime(), allTime()
removed− membersof() changed syntax
• Changes to Activities− Removed ScriptHostActivity− Removed ResourceTemplateActivity,
EnumerateResourceIterationActivity (as duplicate other activities)
• Blog http://blogs.msdn.com/imex/ to be updated after RC1
![Page 22: Microsoft Forefront - What’s New in FIM 2010 RC1 Presentation](https://reader030.vdocuments.us/reader030/viewer/2022020306/547e9783b47959c5508b4b8e/html5/thumbnails/22.jpg)
Change Auditing via Requests• At RC0, a web services client could reconstruct
resources via Requests, or betweenTime, atTime and allTime functions
• At RC1, a web service client will be able to reconstruct resources via Requests− More attributes on Request, and new creator and
target fields in RequestParameters values available
− Configurable request trimming interval to auto-delete requests which have been archived
• Blog at http://blogs.technet.com/doittoit/ to be updated after RC1
![Page 23: Microsoft Forefront - What’s New in FIM 2010 RC1 Presentation](https://reader030.vdocuments.us/reader030/viewer/2022020306/547e9783b47959c5508b4b8e/html5/thumbnails/23.jpg)
Group Management Scenario• New Requestor Validation activity
added for group self-service− Prevents end users from removing others
from groups
• Portal will show which members of security groups do not meet AD requirements
![Page 24: Microsoft Forefront - What’s New in FIM 2010 RC1 Presentation](https://reader030.vdocuments.us/reader030/viewer/2022020306/547e9783b47959c5508b4b8e/html5/thumbnails/24.jpg)
Password Reset Scenario
• MPRs and their Sets now included by default (with MPRs disabled)
• Windows XP SP2 now supported• New configuration options
− Users can be required to type their login passwords prior to registration
− Clients can be configured to not check whether the user is registered on each login
![Page 25: Microsoft Forefront - What’s New in FIM 2010 RC1 Presentation](https://reader030.vdocuments.us/reader030/viewer/2022020306/547e9783b47959c5508b4b8e/html5/thumbnails/25.jpg)
Synchronization
• Added checkbox for use during disaster recovery to temporarily disable declarative provisioning − Already present for scripted provisioning
• Added IsPresent function for Sync Rules
• Additional scope control options− NotContains, NotStartsWith, NotEndsWith
• Bidirectional sync rules can be defined
![Page 26: Microsoft Forefront - What’s New in FIM 2010 RC1 Presentation](https://reader030.vdocuments.us/reader030/viewer/2022020306/547e9783b47959c5508b4b8e/html5/thumbnails/26.jpg)
Management Agent Changes• Adding support for
− Active Directory in Windows Server 2008− SQL Server 2008− Novell eDirectory 8.8− Sun Java System DS 6.2− IBM DB2 9.1, 9.5
• Connecting to RACF, ACF2, OS400, TopSecret will be via ILM 2007FP1
![Page 27: Microsoft Forefront - What’s New in FIM 2010 RC1 Presentation](https://reader030.vdocuments.us/reader030/viewer/2022020306/547e9783b47959c5508b4b8e/html5/thumbnails/27.jpg)
Other End-User Improvements• Localization
− FIM Service and Portal:Chinese (Simplified & Traditional), Dutch, English, French, German, Italian, Japanese, Portuguese, Spanish
− FIM Outlook add-in & password reset: 35 languages/locales (no right-to-left)
• All mail messages will be customizable
![Page 28: Microsoft Forefront - What’s New in FIM 2010 RC1 Presentation](https://reader030.vdocuments.us/reader030/viewer/2022020306/547e9783b47959c5508b4b8e/html5/thumbnails/28.jpg)
Scalability in RC1
• FIM being be tested to Microsoft scale
![Page 29: Microsoft Forefront - What’s New in FIM 2010 RC1 Presentation](https://reader030.vdocuments.us/reader030/viewer/2022020306/547e9783b47959c5508b4b8e/html5/thumbnails/29.jpg)
Certificate Management
• More documentation for 3rd party CA API
• Bug fixes
![Page 30: Microsoft Forefront - What’s New in FIM 2010 RC1 Presentation](https://reader030.vdocuments.us/reader030/viewer/2022020306/547e9783b47959c5508b4b8e/html5/thumbnails/30.jpg)
Preparing Systems for RC1
• Platform Prerequisites− FIM Service, FIM Sync, FIM CM
− Windows Server 2008 (64-bit)− FIM Portal
− Windows Server 2008 (64-bit)− Windows SharePoint Services
− FIM Service and FIM Sync Databases− SQL Server 2008 CU2 or later, including SP1− SQL’s Full Text Search now required for RC1
![Page 31: Microsoft Forefront - What’s New in FIM 2010 RC1 Presentation](https://reader030.vdocuments.us/reader030/viewer/2022020306/547e9783b47959c5508b4b8e/html5/thumbnails/31.jpg)
Documentation and FIM Forum• IT Pro doc updates on TechNet• SDK doc updates on MSDN• FIM Forum
http://go.microsoft.com/fwlink/?LinkID=163230− Greatest hits
http://go.microsoft.com/fwlink/?LinkID=163459− ScriptBox http://go.microsoft.com/fwlink/?
LinkID=160098
![Page 32: Microsoft Forefront - What’s New in FIM 2010 RC1 Presentation](https://reader030.vdocuments.us/reader030/viewer/2022020306/547e9783b47959c5508b4b8e/html5/thumbnails/32.jpg)
Summary
• RC1 brings− numerous bug fixes− performance/scale improvements− feature manageability/usability
improvements
• Your feedback is requested− Help us and customer deployments
prepare for RTM!