- FIM 2010 Functions Reference: http://aka.ms/fim2010functionsref
- How Do I Synchronize Groups from Active Directory Domain Services to FIM
- How Do I Provision Groups to Active Directory Domain Services
FIM group Type =
|FIM group Scope =||AD GroupType =|
From AD to FIM
From FIM to AD
If you got some more of the FIM short URLs… let me know.
More than happy to make a Wiki article of it (but then we need lots more of it…)
A hotfix rollup package (build 4.1.3496.0) is available for Forefront Identity Manager 2010 R2 (#FIM2010)
If you have seen the announcement of the three newly released Connectors for FIM2010R2, there is some more news in the technet documentation…
The Windows Azure Active Directory Connector for FIM 2010 R2 Technical Reference requires FIM 2010 R2 hotfix 4.1.3493.0 or later (2906832).
That requirement refers to a new KB article, announcing FIM Hotfix build 4.1.3496.0: http://support.microsoft.com/kb/2906832
Microsoft has announced the release of three new Connectors for FIM2010R2 for public General Availability.
Windows Azure Active Directory Connector
This conector can be used in scenarios not supported by DirSync, for example multi-forest or non-AD.
Microsoft still recommends to use DirSync as the primary solution to synchronize AD to AAD and use it whenever possible.
The Connector comes with sample code and configuration for a resource/account-forest scenario.
For more information: please refer to the TechNet documentation: http://go.microsoft.com/fwlink/?LinkID=330371.
This Connector will allow you to connect to an LDAPv3 compliant directory.
It currently supports the same LDAP directories (IBM, Novell, and Oracle) we ship with FIM2010R2 and will over time replace the built-in LDAP Management Agents.
For more information, please refer to the TechNet documentation: http://go.microsoft.com/fwlink/?LinkID=270179.
SharePoint User Profile Store
This Connector will connect to the SharePoint User Profile Store and can be used as a replacement for the built-in synchronization engine which comes with SharePoint, for example in multi-forest or non-AD scenarios.
For more information, please refer to the TechNet documentation: http://go.microsoft.com/fwlink/?LinkID=331344.
In the Sync Engine UI go to “Help”, “About”. Look for the Tag “Product ID” which has 4 groups of numbers. The second group identifies the SKU:
270 – VL (Volume License)
335 – MSDN
849 – Evaluation
442 – DirSync
Download EMET 4.1 at http://technet.microsoft.com/en-us/security/jj653751
Courtesy to Kim (https://twitter.com/thewmiguy).
Source: System Center: Operations Manager Engineering Blog > Audit Collection (ACS) Database and Disk Sizing Calculator for OpsMgr 2007
So, want collecting logs for 500 member servers, 40 DCs, with a few events per second… and log retention for a year.
Result: server ends up with 21TB of data…
Need to reset my goals. :((
Thank you, Kim!
Microsoft has just announced general availability of their massively updated Microsoft Rights Management offering…
Perfect timing given recent Edward Snowden press. Saying that a lot has changed is an understatement: RMS can now protect any file type and it lets you access content on iOS, Android, Windows Phone 8 in addition to Windows 7/8. There is even have a free offer for individuals that lets you share protected content with others who don’t have RMS (for free). Finally, they have a simple way to deploy the server by using a lightweight ‘RMS Connector’ that has your on-premises Exchange and SharePoint workloads using Azure RMS offering (complete with its hardware security modules — Thales HSMs — for unprecedented cloud-based RMS key protection).
Here is the information they have put together. I’d recommend looking at the whitepaper for some good insight on data security all up.
There is already quite some interesting stuff posted on the RMS website.
RMS for Business Decision Makers: http://technet.microsoft.com/en-us/dn308547
And plenty of stuff on RMS for IT Professionals at: http://technet.microsoft.com/en-us/dn175751, to start with understanding and evaluating RMS:
What are you waiting for?
How to import third-party certification authority (CA) certificates into the Enterprise NTAuth store
For Win 2008, Windows Server 2012:
Add Published Certificates to Active Directory Containers
“If a CA certificate is not added automatically when the new CA is created, such as a stand-alone CA created by a user who is not a member of the Enterprise Admins group, the CA certificate can still be added manually to the NTAuthCertificates container.
This process can also be used to add the CA certificate of a non-Microsoft CA that has been used to issue smart card logon or domain controller certificates. By publishing these CA certificates to the Enterprise NTAuth store, the administrator indicates that the CA is trusted to issue certificates of these types.“
Using Enterprise PKI: http://technet.microsoft.com/en-us/library/cc754963.aspx
Install the Enterprise PKI Console: http://technet.microsoft.com/en-us/library/cc771085.aspx
by Henrik Walther [Published on 5 Nov. 2013 / Last Updated on 5 Nov. 2013]
Several fixes included plus this version can be installed on Domain Controllers.
Also see the release history wiki page: http://social.technet.microsoft.com/wiki/contents/articles/18429.windows-azure-active-directory-sync-tool-version-release-history.aspx
The latest version can be downloaded here: Windows Azure Active Directory Sync tool – 64 bit