Detecting Non-Authoritative Accounts

by Henrik Nilsson 7. January 2010 00:45

I’m currently working with Markus Vilcinskas on a couple of FIM Experts articles on how to detect non-authoritative accounts. Today we published the first two parts were the second part also contains an in depth description on how object state detection works. Enjoy!

Detecting Non-Authoritative Accounts – Part 1: Envisioning

Detecting Non-Authoritative Accounts – Part 2: Design

 

Technorati Tags:

Tags:

Forefront Identity Manager | Sync Rules | Non-Authoritative Accounts | Object State Detection

Permalink | Comments (0)

ADFS 2.0 RC is here

by Henrik Nilsson 18. December 2009 19:11

The news:

  • IDP initiated communication
  • Single logout
  • Artifact resolution protocol
  • And a lot more…

See the announcement here:
http://channel9.msdn.com/shows/Identity/ADFS-20-RC-is-Here/

Tags:

Permalink | Comments (0)

FIM 2010: How to let non-admin group owners manage their groups

by Henrik Nilsson 2. December 2009 18:57

I turns out there’s a lot of things that needs to be in place before this is made possible…

Usage Keyword

Usage keywords are required for letting non-admin users see portal design elements like navigation bar and home page resources but also for letting them being able to use search scopes. The keyword for letting non-admin users take part of these objects is BasicUI…

1. Under Administration and Home Page Resources select the “Manage my SG’s” and add the keyword BasicUI as usage keyword.

image

2. Go back to Administration and select Navigation Bar Resources. Select the “My SG’s” navigation bar resource and add the BasicUI keyword to this one as well.

3. Go back to Administration again and select Search Scopes. Add BasicUI as Usage keyword to the “My Security Groups” Search Scope

MPR’s

There is two MPR’s that allows for group owners to manage their groups. Both of these are disabled by default.

4. Go back to Administration and in to Management Policy Rules. Open and enable these two MPR’s:

  • Security group management: Owners can read selected attributes of group resources
  • Security group management: Owners can update and delete groups they own

image

5. Done!

Conclusion

The usage keyword stuff is poorly documented but I hope this will be better…

Tags: , , ,

Forefront Identity Manager | Portal Management

Permalink | Comments (0)

How to load balance FIM

by Henrik Nilsson 23. November 2009 11:26

Darryl Russi have posted a great article on how to configure for more than one instance of the FIM Service.
If you haven’t discovered Darryl’s blog yet, make sure you bookmark it or add a feed subscription!

Service Partitions - Multiple Middle Tiers, Request & Workflow Processing

Tags: ,

Forefront Identity Manager | Identity Management | Workflow

Permalink | Comments (0)

Copyright © 2009 Henrik Nilsson
Log in

About the author

Henrik - the author Hi and welcome to Stockholm, Sweden!
I'm Henrik Nilsson and the author of this blog.
I do hope you find something interesting during your visit...


More about me...
Contact me...

This site and content is my own work and opinion, it does not necessary reflect the opinions of my employers at Cortego.

View Henrik Nilsson's profile on LinkedIn

Followers