Microsoft Identity Manager - Advanced MIM Training
Denna MIM-kurs är för dig som redan kan grunderna men som vill fördjupa dig i hur du kan optimera din katalogimplementation och identitetshantering med hjälp av Microsoft Identity Manager.
Vi fördjupar oss inom viktiga aspekter på MIM som exempelvis synkronisering, arbetsflöden, extensions, management-agenter, arkitektur, rapportering, felsökning och mycket annat matnyttigt.
Kursinnehållet är även till stora delar applicerbart på Forefront Identity Manager (FIM), och kursledaren kommer peka ut de större skillnader som kan förekomma.
Målgrupp och förkunskaper
Den här kursen är avsedd för systemingenjörer och arkitekter (och är även användbar för utvecklare) som behöver få en djupare förståelse för hur MIM kan implementeras.
För att hänga med i kursens tempo och tillgodogöra dig dess innehåll förväntas du besitta grundkunskaperna i de huvudsakliga aspekterna på Microsoft Identity manager eller FIM. Till detta rekommenderar vi vår kurs Microsoft Identity Manager - MIM Foundation, vars innehåll ger en bra bild av vad du förutsätts behärska.
För att alltid hålla en hög kvalitet på våra kurser använder vi både engelsk- och svensktalande experter som kursledare.
Lärdomar och mål
Under kursen lär du dig
- Hantera användare, grupper, policies och referenser via MIM-portalen.
- Konfigurera portalen för att hantera ytterligare resurstyper, inklusive utseende och känsla, modifierade formulär och navigering.
- Hantera mer komplexa arbetsflöden och Management Policy Rules (MPR), inklusive temporära MPR:er och anpassade arbetsflöden från tredjepart.
- Hantera både klassisk och portalregel-synkronisering, med hjälp av anpassade regeltillägg där det behövs (en mycket begränsad mängd programmering är involverad).
- Förstå hur du använder och felsöker en implementering, inklusive användning av WMI, säkerhetskopiering och katastrofåterställning.
- Förstå MIMs tekniska arkitektur och olika installationstopologier.
- Förstå hur du implementerar direktrapportering och viss tredjepartsdito.
Detaljerad information
Kursmaterialet är på engelska, med detta innehåll:
MIM reminder
We start with a tour of the features of MIM that were covered in the Foundation course, pointing out those areas which this course will further develop. This is an opportunity to clear up any misunderstandings before launching into a lot of new information. This module gives a (reminder) overview of the other capabilities of MIM (Role Based Access Control and Privileged Access Management).
Portal configuration
We look at the interface configuration, including look and feel and navigation. The portal schema model is also considered: resources, attributes, bindings and validations; use of XPath and search scopes; usage keywords and localization; how to extend the schema.
Understanding synchronization
We cover metaverse schema extension, and synchronization in depth. We explore the whole process, including holograms and how to troubleshoot synchronization errors. Synchronization rules are mapped to the classic rules, identifying where to use each type, and where extensions are required.
More complex workflows and MPRs
In this module we examine the MIM Service and application database. This covers more complex workflows using functions and parameters, and temporal (time-based) MPRs for expiration, notification and delayed actions. We import and use a third party Windows Workflow Foundation workflow, and use it to generate MIM workflows.
Classic rule extensions
This module introduces (coded) extensions of classic management agent configuration, including coded provisioning, attribute flow, and deprovisioning. Topics include DLL extension architecture, metaverse and management agent DLL concepts, and creating and debugging extensions. Suggestions are made for effective management and best practices.
More about management agents
In this module we look at some additional features of the management agents, and look at management agent types not yet covered. Specifically we look at file-based management agents, and how delta imports can be applied to database type management agents (with SQL Server being the exemplar). We provide some notes on the use of the other types of management agent that are not explicitly covered in the course, and lastly we give an overview of the different ways in which MAs can be extended (but this is a topic that cannot be covered in any detail in this course).
Architecture installation and deployment
This module covers installation, but also considers likely production topologies, how to scale it, and other considerations. Installation of the password web sites, and reporting functions are also covered.
Reporting in MIM
This module covers the out-of-the-box reporting available with MIM. and looks at a third-party reporting solution, namely, Software IDM’s Sync Panel. Starting with simple usage of reports, it then covers how to manage the flow of data from MIM to the reporting data warehouse (DW). It covers the different data structure in the DW, and how this maps to MIM’s schema. Sync Panel adds more reporting options and other useful features to MIM. We investigate an installation of of Sync Panel and identify what it adds to a MIM solution.
Operations, troubleshooting and metaverse reporting
This module looks at all the sources of information that can help in operating and troubleshooting MIM. It covers synchronization preview, and analyzing requests in the MIM Service. It covers the use of PowerShell cmdlets for extracting and migrating configuration data – including pitfalls and essential workarounds. It also covers how to report on the metaverse (this is not supported by Microsoft).
More synchronization
The final module covers some advanced synchronization techniques. We cover cases where there may be more than one account, in a given external system, relating to one person. We also cover approaches to automated group creation and management. The labs in this module are presented as optional – partly this is because they are quite involved and “expert” in nature, and partly to give us some flexibility on the timing of the course (which can vary considerably depending on the amount of class discussion, and so on).