With the new features of FIM 2010 R2 such as external SSPR, reporting, and BHold (not to mention all of the other extras - like the the gains in performance, new connectors, etc.), folks are of course interested in updating their FIM 2010 installations. The problem is that if you installed the …Continue reading
Author Archive for Michael Baker
Recently, while working on a Microsoft Network Device Enrollment Services (NDES) deployment, a client asked a simple-enough question about the thumbprint for the Certificate Authority (CA) certificate that was displayed on the NDES admin enrollment GUI, “What is that hash? And why doesn’t it match any of the CA certificate thumbprint hashes in my chain-of-authority?”Continue reading
Recently, I have been involved in several client projects that involve the distribution and synchronization of user accounts between multiple organizations. This is a little different than the standard synchronization scenario, which assumes that there is one organization, and data flows from an authoritative source, such as an HR data store. An example of this basic synchronization can be seen in Figure 1; assume that we have three domains in our organization, and domain A is authoritative.Continue reading
Recently, one of our clients had a scenario that required them to keep track of the proxyAddresses attribute history between two Microsoft Active Directory (AD) domains. Since FIM Sync Service doesn’t retain any history of attribute values (as simply a state-based synchronization engine), this required a bit of thought and planning.
Examining the need to keep track of the history and exploring options, we came down to the solution through a simple one-revision history mechanism with FIM Sync.Continue reading