Who is our MIM Advanced Course for?
This course is for systems engineers, developers, technical architects and IT staff responsible for their users’ identities who:
- Are already familiar with the fundamental concepts and capabilities of MIM (or FIM)
- Have already attended the MIM Foundation (or FIM Foundation) course – or have already gained a similar level of knowledge
- Wish to gain the understanding they need to deploy the technology
This and our other MIM courses are suitable for those using FIM – the differences are highlighted throughout our courses. Find out more.
The training comprises presentations, discussions, demonstrations, and a lot of hands-on exercises.
At the end of the course students will be able to:
Note that if you want to learn about the Privileged Access Management (PAM) feature of MIM, we cover this in a separate one-day course.
We also run MIM Foundation and MIM Expert courses. Not sure which is right for you?
Module 1: MIM reminder
We start with a tour of the features of MIM that were covered in the Foundation course, pointing out those areas which this course will further develop. This is an opportunity to clear up any misunderstandings before launching into a lot of new information. This module gives a (reminder) overview of the other capabilities of MIM (Role Based Access Control and Privileged Access Management).
Module 2: Portal configuration
We look at the interface configuration, including look and feel and navigation. The portal schema model is also considered: resources, attributes, bindings and validations; use of XPath and search scopes; usage keywords and localization; how to extend the schema.
Module 3: Understanding synchronization
We cover metaverse schema extension, and synchronization in depth. It explores the whole process, including holograms and how to troubleshoot synchronization errors. Synchronization rules are mapped to the classic rules, identifying where to use each type, and where extensions are required.
Module 4: More complex workflows and MPRs
In this module we examine the MIM Service and application database. This covers more complex workflows using functions and parameters, and temporal (time-based) MPRs for expiration, notification and delayed actions. We import and use a third party Windows Workflow Foundation workflow, and use it to generate MIM workflows.
Module 5: Classic rule extensions
In this module introduces (coded) extensions of classic management agent configuration, including coded provisioning, attribute flow, and deprovisioning. Topics include DLL extension architecture, metaverse and management agent DLL concepts, and creating and debugging extensions. Suggestions are made for effective management and best practices.
Module 6: More about management agents
In this module we look at some additional features of the management agents, and look at management agent types not yet covered. Specifically we look at file-based management agents, and how delta imports can be applied to database type management agents (with SQL Server being the exemplar). We provide some notes on the use of the other types of management agent that are not explicitly covered in the course, and lastly we give an overview of the different ways in which MAs can be extended (but this is a topic that cannot be covered in any detail in this course).
Module 7: Architecture installation and deployment
This module covers installation, but also considers likely production topologies, how to scale it, and other considerations. Installation of the password web sites, and reporting functions are also covered.
Module 8: Reporting in MIM
This module covers the out-of-the-box reporting available with MIM. and looks at a third-party reporting solution, namely, Software IDM’s Sync Panel. Starting with simple usage of reports, it then covers how to manage the flow of data from MIM to the reporting data warehouse (DW). It covers the different data structure in the DW, and how this maps to MIM’s schema. Sync Panel adds more reporting options and other useful features to MIM. We investigate an installation of of Sync Panel and identify what it adds to a MIM solution.
Module 9: Operations, troubleshooting and metaverse reporting
This module looks at all the sources of information that can help in operating and troubleshooting MIM. It covers synchronization preview, and analyzing requests in the MIM Service. It covers the use of PowerShell cmdlets for extracting and migrating configuration data – including pitfalls and essential workarounds. It also covers how to report on the metaverse (this is not supported by Microsoft).
Module 10: More synchronization
The final module covers some advanced synchronization techniques. We cover cases where there may be more than one account, in a given external system, relating to one person. We also cover approaches to automated group creation and management. The labs in this module are presented as optional – partly this is because they are quite involved and “expert” in nature, and partly to give us some flexibility on the timing of the course (which can vary considerably depending on the amount of class discussion, and so on).