Bobby and Nima's Forefront Identity Manager Blog

  • Custom expressions in advanced attribute flows

    If you are at the point where you're comfortable with using the functions and various options in attribute flow creation, I'd like to introduce you to a really cool feature to add some efficiency and extra capabilities to your attribute flow creation...
  • Run on Policy Update - Retroactive Policy Enforcement

    Somewhat hidden within Forefront Identity Manager 2010, there is a very useful feature for action workflows called "Run on Policy Update". Here are the situations where you may find this feature useful: 1. You are creating a new Management Policy...
  • XPath Filter Dialect: Fundamentals

    ILM “2” provides a Web Service Enumeration (WS-Enumeration) end point by which client applications can run queries and retrieve the results. Please refer to Joe Schulman’s excellent extensibility blog for more details on using the WS-Enumeration end point...
  • Introducing Hierarchical Provisioning

    Yesterday I was eating my bowl of Frosted Miniwheats (by Kellogg) for dinner and out fell a coupon for another free box of Miniwheats. “Oh hot lam!” I exclaimed to myself. I had totally not seen the offer stamped on the front of the box for a free box...
  • Greetings!

    This is us! We're Nima Ganjeh, and Bobby Gill, two Program Managers working on Microsoft's Identity Lifcycle Manager "2" product. We started this blog to serve as a resource to all of you for both learning about how the product works as well how to use...
  • XPath Filter Dialect: Examples

    The product team and I just wrapped up our week at the TechReady event in Seattle. Bobby presented an excellent session on codeless provisioning, focusing on configuration and tips and tricks, and I presented a session on workflow and activity extensibility...
  • Extending ILM "2" to manage and provision computer objects

    One topic for ILM “2” that came up repeatedly at TechEd IT Pro North America this year was extensibility. Specifically, many customers asked how the system can be configured to manage an arbitrary resource, enabling them to apply policies to and provision...
  • Dependencies - not just for avoiding taxes!

    What's our name again? Whoa, new product name! For those of you who have been chasing butterflies for the past month, what was once known to us as Identity Lifecycle Manager "2" is now called Forefront Identity Manager. I know, it's not the sexiest...
  • How to make ILM "2" scream.

    One of the big features of ILM "2" RC are the changes we have made to the portal and server to enable ILM to scale higher. In the portal and in the ILM service we've tuned, and jiggered with the way we interact with SQL and on the wire to make the ILM...
  • Announcing Identity Lifecycle Manager “2” Release Candidate

    We're back! Today we have a guest blogger to announce the Release Candidate for ILM "2": I’m Lori Craw, group product manager covering identity and security at Microsoft. Today I am pleased to announce the exciting news that the Identity Lifecycle...
  • ILM "2" also comes as a hybrid...

    For those of you who are MIIS / ILM 2007 pros, when seeing the Codeless Provisioning functionality one of the first questions that comes to mind is "can I use my existing rules extension in ILM "2"?". Of course. At a basic level, with ILM "2" RC...
  • Data transformation and attribute flow without writing code: functions to the rescue!

    If you read the post on setting up the synchronization rule for the flowing of Computers to AD, you'll notice we make use of a concatenation option to concatenate multiple values and flow them to a destination attribute. Concatenation is an example of...
  • The Mysteries of the ILM Management Agent Uncovered:

    One of the many changes we made across the ILM to support the new declarative synchronization and provisioning concepts (aka 'codeless provisioning') was with the ILM Management Agent (hence forth referred to as ILM MA) configuration experience. ...
  • One DRE and a large shake to go...

    For those of you who have used ILM "2" Beta 3, you have probably used in some form the new codeless provisioning functionality included within it. There is a ton of functionality encapsulated within this one area, and one of the less-talked about and...
  • Farewell!

    As a lot of you may already know, after 4 years of working on MIIS / ILM / FIM I've decided to leave Microsoft. No, I'm not being fired, nor am I jumping ship to a competitor :) Rather I am leaving Microsoft to pursue a MBA at Columbia starting this fall...
  • Forefront Identity Manager 2010 has shipped!!

    I'm happy to announce that FIM 2010 is now available for customers. You can read the Forefront blog post here: http://blogs.technet.com/forefront/archive/2010/03/02/rsa-conference-2010-identity-at-the-forefront.aspx
  • Topics Wanted!

    The hardest part of this blog is finding topics to write about that would be interesting and useful to the community at large. If you have a topic or a question that you want to see addressed on this blog, please email me and I will see if I can post...
  • Opening the mailbox:

    Question from one of our readers: From: Sent: Tuesday, July 14, 2009 11:06 AM To: Bobby Gill Subject: (Bobby and Nima's Forefront Identity Manager Blog) : Question about FIM/Outlook Importance: High Good afternoon Bobby and Nima's. ...