Implementing Forefront Identity Manager 2010
Varighet: 4 Days Kurskode: M50382
Beskrivelse:
This four-day instructor-led courseintroduces and explains the features and capabilities of Microsoft Forefront Identity Manager 2010 (FIM), and provides an overview of the solution scenarios that FIM addresses. The course format includes presentation, discussion, demonstration, and many hands-on exercises. It is intended for students who have no previous Forefront Identity Manager 2010 or Microsoft Identity Lifecycle Manager 2007 (ILM) experience.
Målgruppe:
This course is intended for Systems Engineers, Developers, Architects, and Project Leaders who need to gain a good understanding of how Forefront Identity Manager 2010 can be applied to manage identity information across a number of directories or databases. It is also suitable for those who simply want to review the technology in some depth.
Agenda:
After completing this course, students will be able to: Synchronize identity data across systems, such as Active Directory and HR.
Understand the issues involved in loading data (initial load, backup, and disaster recovery).
Understand FIM concepts and components. Configure security for different levels of user.
Identify appropriate FIM scenarios. Manage password self-service reset and synchronization. Manage users, groups, and passwords using FIM. Automate run cycles.
Handle sets, simple workflows, and management policy rules (MPRs).
Forkunnskaper:
Before attending this course, students must have:
A sound understanding of the purpose and some experience of the workings of Active Directory.
A sound understanding of the purpose and some experience of the workings of Microsoft Exchange Server.
A sound understanding of the purpose and some experience of the workings of Microsoft SQL Server.
Innhold:
Module 1: Introducing Forefront Identity This module introduces the FIM
Manager 2010 Synchronization Service Manager and line line explains its features through scenarios that do
not use the FIM Portal. It introduce the main Exercise 1: Configuring PCNS This module is a tour of many of the built-in tools (such as Metaverse Designer, line
features of FIM focusing on the user Operations Tool, and Joiner), and covers the
experience. The student will explore the FIM basic configuration of a Management Agent After completing this module, students will be interface, the high level architecture of FIM, and along with run profiles, verifying results, and able to:
the business needs that FIM addresses. In this simple Metaverse search. During the lab, line module, the student will examine FIM in its students create a new Management Agent for installed and configured state, whereas the rest a simple HR system.Lessons
of the course will be spent understanding how line line FIM works, and building the fully configured
FIM from a raw installation. The lab explores
creating a new user, managing groups and line line credentials for that user, and the experience of
that new user.Lessons Configure self-service password reset (and
line line lockout) for chosen FIM Portal users.
line Lesson 1: Introducing the Portal
line line Configure password synchronization across
systems. Lesson 2: Integrating the FIM Service and line line FIM Synchronization Service
line Identify where the use of Certificate Lesson 1: Introducing FIM Management might be appropriate. line Lab : Managing Users in the FIM Portal line
line
Lesson 2: Synchronization Concepts Module 7: Group Management
line line
line
Lesson 3: Other FIM Concepts This module covers the management of
line distribution and security groups, including the
line relationship between groups in Active Lab : The FIM Experience Directory and other systems. Synchronization line Exercise 1: Examining simple sets and MPRs rules, workflows, and MPRs are explored
line further, along with the configuration of workflow approvals.Lessons line Exercise 2: Create and modify a user line
line
line Lab : Creating the FIM MA and Synchronizing line line
Exercise 1: Log on and examine the
environment line
line line
Lesson 1: Groups and the Portal Exercise 2: Add some new users and examine line
group memberships line
line Lesson 2: Managing Groups in Active
Exercise 1: Create the FIM MA Directory Exercise 3: Examine how groups are managed line line line
Exercise 2: Synchronizing data Lab : Managing Groups Exercise 4: The user experience line line
line
After completing this module, students will be After completing this module, students will be able to: line
able to: line
line
line line
line Exercise 1: Distribution groups
line
line Exercise 2: Provisioning distribution groups in
Understand the key FIM service concepts Active Directory Understand what an identity management such as sets, workflows, and management line
system is for, and how FIM meets these policy rules.
requirements. line Exercise 3: Security groups
line line
Navigate the FIM Service Portal, and use the
Operate FIM as a user, while understanding the portal’s permission-granting system. Exercise 4: Provisioning security groups in high level functionality. line Active Directory
line line
Edit identity data in the FIM Portal.
Module 2: The Synchronization Service line After completing this module, students will be
Manager able to:
line Integrate the FIM Service and the FIM line Synchronization Service.
This module introduces the FIM line
Synchronization Service Manager and explains line its features through scenarios that do not use Module 5: Managing Synchronization from the the FIM Portal. It introduces the main tools Portal
(such as Metaverse Designer, Operations Tool, line line and Joiner), and covers the basic configuration
of a Management Agent along with run profiles, This module explores creation of an Active Manage various types of groups in the FIM results verification, and simple Metaverse Directory MA, and configuration via the portal Portal, including self-service and member search. During the lab, students will create a to manage mailbox-enabled users in AD. approval workflows.
new Management Agent for a simple HR Aspects of this process include line system.Lessons synchronization rules, workflows, and
line management policy rules, including complex Configure FIM so that portal groups manage attribute flows. In the labs, students configure the corresponding AD groups.
FIM so that users are automatically created line line (provisioned) into AD, renamed, and removed
(deprovisioned) as necessary.Lessons Module 8: Other Considerations
line line
line
This module examines management policy Lesson 1: The Synchronization Service line rules (MPRs)—perhaps the most important
line feature of FIM. It explores the different types
of management policy rules, their different Lesson 2: The Synchronization Service line uses, how they are processed, and how to Manager: The Management Agents Tool troubleshoot them. Then it examines some line Lesson 1: Synchronization Rules operational considerations, such as the
line management of run cycles using scripts, and Lesson 3: Synchronization Service Manager: also covers backup, restore, and disaster Other Tools Lesson 2: Outbound Synchronization Rules recovery.Lessons
line line line
Lab : Importing and Synchronizing Data Lesson 3: Managing Users in Active Directory
line line line
Lesson 4: More About Synchronization Rules
line line line
Lab : Inbound Synchronization Rules Lesson 1: Managing MPRs
line line line
Exercise 1: Connect to an HR data source and Lesson 2: Operations
import identity data line line
line
Lab : Portal Security Exercise 2: Examine the metaverse line line
line
Exercise 1: Using a synchronization rule to Exercise 3: Importing changes manage the HR data MA line
line line
able to: line
line Exercise 1: Configuring portal permissions
line line
line Lab : Examining Requests
line line
line
Exercise 1: Provision users in Active Directory line Understand the purpose, architecture, and line
functionality of the Synchronization Service.
line Exercise 2: Configure automatic OU line provisioning and population based on DN
Understand the purpose of the Synchronization line Exercise 1: Examine the requests concerning
Service Manager. group membership changes
line After completing this module, students will be line able to:
Create a simple SQL Server management line Lab : Backup, Restore, and Disaster agent, import identity data, and manage it. Recovery
line line
line Module 3: More About Synchronization
line line
line This module looks at various types of
Management Agent (MA), including LDAP and Understand inbound and outbound line file-based sources. It covers concepts such as synchronization rules and how these relate to
schema discovery, filters, join and projection "classic" rules. Exercise 1: Perform a data reload rules, connectors and disconnectors, joining, line line
provisioning, deprovisioning, and different kinds
of attribute flow. In the lab, students create two Create and configure synchronization rules to Exercise 2: Backup more Management Agents, and establish a manage identity data, including Active line
simple data-driven scenario for managing a Directory (AD) Users.
directory (AD LDS).Lessons line Exercise 3: Restore
line line
Control AD users including enable/disable
and DN renames. Lab : MA Run Scripts
line line line
Module 6: Managing Credentials with FIM
line line line
Lesson 1: Inbound Synchronization This module primarily explores passwords. line First, it addresses the essentials of Certificate line
Management, and then explores in detail the
Lesson 2: Outbound Synchronization self-service password reset and password Exercise 1: Running MA run profiles with line synchronization functions. The two labs cover scripts
all aspects of password management in FIM line Lab : Joining Data from Another MA (with the exception of writing custom
line password management workflows and Lab : Finishing Touches extensions).Lessons line line line line line line line Exercise 1: Creating and configuring the MA line
line Exercise 1: Finishing touches
Lesson 1: FIM Password Management line Exercise 2: Importing, synchronizing, and line
joining data After completing this module, students will be line Lesson 2: Password Self-service Reset able to:
line line
Exercise 3: Breadcrumbing and testing
line line Lab : Provisioning AD LDS
line Lesson 4: FIM Certificate Management
line line
line Lab : Password Self-service Understand the various types of MPR, why line they are used, and where they are used.
line line
line Understand the nature of requests, and how Exercise 1: Creating an AD LDS MA requests can be managed and tracked.
line line
line
Exercise 2: Provisioning AD LDS Configure a system for a regular cycle of line Exercise 1: Verify and modify the environment Management Agent runs.
line line
After completing this module, students will be
able to: Exercise 2: Modify the configuration for Deal with simple backup and recovery line password registration and reset scenarios.
line line
line Exercise 3: Testing password registration and reset
line line
Exercise 4: Configuring password reset Understand the Synchronization Service at a lockout
more detailed level. line line
Lab : Configuring PCNS Configure inbound and outbound line
synchronization for different types of MA. line
line Apply "classic" rules to simple identity
synchronization requirements. line
Module 4: The FIM Service and Portal line
Ytterligere informasjon:
For mer informasjon eller kursbooking, vennligst ring oss 22 95 66 00
[email protected] www.globalknowledge.no