"I had zero experience with the product going in, but now I have a solid understanding of how it works. The course went at a good pace and covered all the 'must know' points, with extra real world scenarios for rounding out exposure. The tutor was patient and helpful - his teaching method was engaging and upbeat with live examples and ad-hoc troubleshooting. He was also very entertaining! I would take other OCG courses without hesitation."
Wade D - attended live class over the internet
Online Self-Paced Course
Learn online self-paced in your own time with tutor support.
Live Instructor-Led Course
Join the class in person, or connect to the class in real time over the internet from wherever you are in the world (via Skype).
This course is for students with no or little previous MIM, FIM or ILM experience. It’s for systems engineers, developers and technical architects who need to understand how MIM can be used to manage identity information across a range of directories or databases.
This course is also suitable for those people who simply want to review the technology in some depth. All students should have a sound understanding of the purpose and some experience of the workings of Active Directory (AD), Exchange and SQL Server.
The training comprises presentations, discussions, demonstrations, and a lot of hands-on exercises to introduce and explain the many powerful features of MIM.
Updates! This course has been updated to include all the recent changes in the product. Students working with FIM 2010 R2 will find it extremely useful and relevant, especially if they are preparing for a future upgrade to MIM. And for those still working with Identity Lifecycle Manager 2007 (ILM) right now is the time to upgrade to MIM as ILM reaches end of life in July 2017. This course will give you a powerful overview of MIM’s capabilities.
At course completion
At the end of the course students will be able to:
Understand MIM concepts and components
Identify appropriate MIM scenarios
Manage users, groups and passwords using MIM
Synchronize identity data across systems, such as AD and HR
Understand the issues involved in loading data (initial load, backup, and disaster recovery)
Configure security for different levels of user
Manage password self-service reset and synchronization
Automate run cycles
Handle sets, simple workflows and MPRs
Module 1: Introducing Microsoft Identity Manager
This module involves a tour of many of the built-in features of MIM through the user experience, in which the student becomes familiar with the interface, the high level architecture, and the business needs MIM addresses. At this point you see the ‘finished article’ – the rest of the course is spent understanding how this works, and building the ‘finished article’ from a raw installation. The lab is a walkthrough of creating a new user and managing groups and credentials for that user – as well as the experience of that new user.
Module 2: The Synchronization Service Manager
In this module we introduce the MIM Synchronization Service Manager and explain its features through scenarios that do not use the MIM Portal. We introduce the main tools (Metaverse Designer, Operations Tool, Joiner etc.), and we cover basic configuration of a Management Agent along with run profiles, verifying results, and simple Metaverse searches. During the lab, a new Management Agent (MA) is created for a simple HR system.
Module 3: More about Synchronization
Here we look at various types of MA, including LDAP and file based sources, with the particular emphasis on Inbound and Outbound Synchronization. We cover in detail: filters, join and projection rules, connectors and disconnectors, rovisioning, deprovisioning, different kinds of attribute flow etc. In the lab, two more MAs are created, and a simple data driven scenario for managing a directory (AD LDS) is established.
Module 4: The MIM Service and Portal
We then examine the MIM Service and application database, introducing key concepts such as sets, workflows and policies, and how permissions are granted. Next we look at how the MIM Service integrates with the MIM Synchronization Service, and how data flows between them. The labs build a MIM MA and flows our HR data from the Synchronization Service to the portal, and portal data to the Synchronization Service.
Module 5: Managing Synchronization from the Portal
In this module we cover the concept of portal based Synchronization Rules, and how they compare with the “Classic” Rules we have considered so far. We go on to consider how and where to use Portal Synchronization Rules, Workflows, and Management Policy Rules (MPRs), including more complex attribute flows. We examine the special considerations required when managing Active Directory user accounts. The labs make use of Synchronization Rules. The lab also covers configuring MIM so that users are automatically created (provisioned) into AD, renamed, and removed (deprovisioned) as necessary.
Module 6: Credential management
Primarily this module is about passwords. We mention Certificate Management, but this is a large subject that has a course of its own. We discuss self-service password reset in detail (including text message, email and ‘MFA’ approaches) – we also discuss self-service account unlocking (new with MIM). We cover password synchronization. The labs cover nearly all aspects of password management in MIM, with the exception of some more advanced topics (like writing custom password management workflows and extensions), or configuration which is hard to do in a classroom environment (like Azure MFA).
Module 7: Group management
This module covers the management of distribution and security groups – including the relationship between groups in AD and other systems. More work is done on Synchronization Rules, Workflows, and MPRs. We cover the configuration of workflow approvals. The labs build on our scenario to include the management of various types of groups in AD.
Module 8: Other considerations
In this module we draw together the threads of what is perhaps the most important feature of the MIM Service – MPRs: the different types, different uses, how they are processed and how to troubleshoot them. We then look at some operational considerations, including the management of run cycles using scripts, and also backup, restore, and disaster recovery. Various labs cover additional features of MPRs and provide experience in the operational matters. The last of these labs puts the finishing touches on what has – perhaps surprisingly – turned out to be quite a thorough proof-of-concept system. This module also gives an overview of two “extensions” to MIM’s capabilities: Roles Based Access Control, and Privileged Access Management.
“Yes, online training helped immensely. The course was rather large and complex, and the online aspect allowed me to redo some of the longer complex labs, and the freedom to dip in and out helped me plan my training around my work day.“
Nick Clark - studied online self-paced
"Very straightforward and well planned course with detailed course material followed by highly detailed lab environment."
Jimmy Malmqvist - studied online self-paced
"The trainer's knowledge was obviously very deep, his presentation style was relaxed and he conveyed the course content extremely well. The course materials will been very useful when setting up our development environment."
Dr Matthew Williams - attended public class in person