Azure Active Directory

June 19, 2012 at 10:06 PMHenrik Nilsson

Posted in:

Tags: ,

FIM R2 is now generally available

June 15, 2012 at 9:02 AMHenrik Nilsson

FIM R2 has been released in full, for information read more here…

Forefront Identity Manager 2010 R2 Now Available

Posted in:

Tags:

Azure Active Directory

May 24, 2012 at 12:51 AMHenrik Nilsson

Identity As A Service (IAAS) is becoming a reality on the Microsoft platform!

Reimagining Active Directory for the Social Enterprise (Part 1)

I’ll update this when part two arrives in this two-part series of posts…

Posted in: ADFS | AD | Azure

Tags: ,

Update Rollup 2 for ADFS 2.0 released

May 16, 2012 at 11:14 AMHenrik Nilsson

The Update contains a whole bunch of fixes and the full list can be found at:

Description of Update Rollup 2 for ADFS 2.0

Posted in:

Tags:

The Ultimate FIM File Connector

May 15, 2012 at 12:37 AMHenrik Nilsson

It’s available on CodePlex now - FIM Ultimate File Connector

 

  • Just the basic File Connector supporting the following OOB file formats:
    Attribute Value Pair (AVP)
    Delimited
    Directory Services Markup Language (DSML)
    Fixed
    LDAP Data Interchange Format (LDIF)

    …But has the following extra functionality:
    Full Export that before ECMA had to be handled externally from FIM/ILM/MIIS
    Files can be managed at FTP, FTPS, SFTP, SCP and File System Locations (remote from the Extensions folder)
    Files can be compressed/extracted with or without encryption/decryption
    Substitution of date and time values in file names

I would love all possible input like suggestions on how it could get better, ideas for new functionality but also the bad things otherwise how can I make it better…

Go check it out: FIM Ultimate File Connector

Posted in: Connector | FIM 2010 R2 | Identity Management

Tags:

Microsoft Extended Experts Team–MEET

April 23, 2012 at 1:22 PMHenrik Nilsson

Just wanted to write some words about the network I’m a part of, MEET. Meet consists of around 30 individuals, all experts within one or more areas of Microsoft technology from development to security, virtualization, System Center and more.

Here’s a list over some members of Meet and their area of focus.

You will be able to Meet most of the persons above and more of the Meet members at TechDays Sweden in Örebro as speakers or participants. If you have questions regarding Microsoft products probably no one could answer your questions better than the MEET members (we are frequently ask by Microsoft to help them out with their questions).

If you haven’t booked you ticket to TechDays Sweden yet, I think you should because there’s still some available! Go get your ticket to TechDays here.

Posted in: MEET

Tags: ,

Claims Guide 2.0 is available

December 12, 2011 at 7:45 AMHenrik Nilsson

Version 2.0 of the really great “A Guide to Claims-Based Identity and Access Control” by the Microsoft Patterns and Practices Team is available for download here…

A Guide to Claims-Based Identity and Access Control

Posted in: ADFS | Claims | Federation

Tags:

Using ADFS 2.0 SQL Attribute Store for “advanced” claims

November 30, 2011 at 11:20 PMHenrik Nilsson

It’s getting late so I’ll just briefly describe this unless you figured this out already…

It started out with MSFTie Ken St. Cyr published a blog post  about a Powershell Attribute Store, a really great idea except he pointed out this could be used for provisioning which is not such a great idea so I made a comment on it. He replied and complained that the ADFS Claims Rule Language lacked more advanced functionality so I just had to show you how the SQL Attribute store can be used for this. Sorry Ken, I just had to make this blog post and I hope you don’t mind me mentioning your great blog and our conversation!?

First of all make sure you have a working connection to a SQL database from ADFS using SQL Attribute store!

Here’s a simple one just to make a claim (Given Name in this case) upper case, other function could be used as well:

c:[Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname"]
=> issue(
store = "SQL",
types = ("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname"),
query = "SELECT UPPER({0})", param = c.Value
);

And here’s how the famous IsOver21 claim can be created as a scalar valued function in SQL
(far from perfect especially date conversion but it works with Swedish date format like 1979-12-23):

CREATE FUNCTION IsOver21 
(
@BirthDate nvarchar(10)
)
RETURNS nvarchar(3)
BEGIN
DECLARE @Age int, @ReturnValue nvarchar(3)
SET @Age = DATEDIFF(year, CONVERT(DATETIME,@BirthDate,20), GETDATE())

IF @Age >= 21
SET @ReturnValue = 'Yes'
ELSE
SET @ReturnValue = 'No'

RETURN(@ReturnValue)

END

You can then use it like this in ADFS (please use more properly named claim types though) and note how the function needs to be prefixed with dbo:

c:[Type == "http://OddClaims.org/ws/2011/11/identity/claims/birthdate"] 
=> issue(
store = "SQL",
types = ("http://TheCrazyClaimsFactory.com/ws/2011/11/identity/claims/AreYouReallyOver21Punk"),
query = "SELECT dbo.IsOver21({0})", param = c.Value);
 
Have fun!

Posted in: Claims | ADFS | Federation

Tags: ,

New Lotus Notes/Domino 8 MA

November 24, 2011 at 12:25 AMHenrik Nilsson
A new ECMA2 based connector for FIM 2010 R2 is already available in beta at Connect here.

 

New functionality:
• Support for additional object types: mail-in database, Resource (meeting rooms and on line meetings).
• Support for renames using the AdminP process.
• Dynamic schema discovery for custom attributes.
• Delta import for add and updates.

Posted in: FIM 2010 R2 | Forefront Identity Manager | Lotus Notes

Tags: ,

FIM 2010 R2 released as Release Candidate (RC)

November 23, 2011 at 6:22 PMHenrik Nilsson

Read about the news here.

Posted in: FIM 2010 R2 | Forefront Identity Manager

Tags: