MasterClass: Microsoft Identity Manager

Microsoft Identity Manager is a tool that helps you manage identities and automate identity-related business processes that reduce operational cost and improve security. You will learn how to manage users and groups and implement self-service parts. We will present the proper approach to troubleshooting, and implementing best practices. You will see how to use identity management to protect administrative accounts within Active Directory. We will demonstrate how to implement role based access control and create effective reports with Microsoft Identity Manager.

Audience:

This training is intended for system engineers, solution architects, developers and IT staff responsible for managing identities in their corporate environment. 

Prerequisites:

Good understanding and hands on experience with Microsoft technologies: Active Directory, SQL Server, Exchange Server, Azure Active Directory. 

Course outline:

Module 1: Microsoft Identity Manager Architecture 

Detailed discussion about MIM architecture and its components: MIM Portal, MIM Service, MIM Synchronization Service, MIM Reporting. We will also provide an answer to the question what business needs can be addressed with MIM. Brief presentations of built-in functionality, on which we will expand later in the course, will conclude this module. We will also introduce the concepts of role-based access control and privileged access management.

Module 2: Deployment 

We will discuss various scenarios of MIM deployment and perform detailed analysis of benefits and drawbacks of each solution. We will present how to install Microsoft Identity Manager and execute recommended post installation tasks. Additionally, we will present how to perform capacity planning properly.

Module 3: MIM Synchronization Service 

We introduce you to the Synchronization Service and discuss its features. Students will gain hand on experience with main tools used to design, implement and manage synchronization. We discuss in detail the configuration of Management Agents and explain various task related to schema management. We compare initial loads to schedule runs. The last part of this module will be spent on discussing how to move configurations between test and production environments.

Module 4: MIM Service Configuration 

We will present and discuss MIM Service features. Trainers will also demonstrate the configuration and customization of MIM Portal. 

Module 5: User Management 

The primary goal of almost all Microsoft Identity Manager installations is user management. We will show how to provision accounts through MIM Portal. We will also discuss how to effectively use MIM policies. 

Module 6: Group Management 

We will discuss different group types and scopes in both Active Directory and Microsoft Identity Manager. We will show how to create criteria based groups. To conclude this module, we will discuss the task related to group management. 

Module 7: Role based access control 

We will present how to deploy RBAC in your environment, which involves defining roles and control access based upon those roles. We will introduce you to BHOLD Suite including designing and managing attestation process. 

Module 8: Privilege Access Management 

We will present how to mitigate risks associated with access escalation. We will discuss and demonstrate how Microsoft Identity Manager reduces threats by working with Active Directory Domain Services to provide a privileged access management interface. 

Module 9: Password Management 

We will focus on configuration and deployment of self-service reset password functionality, which allows users to reset their passwords without IT staff help. We will describe how password synchronization works and how we can modify its configuration. 

Module 10: Certificate Management 

We will introduce you to the concepts of certificate management. Trainers will demonstrate how to install and configure components required for certificate management. We will look at implementing various scenarios based on certificates including cross forest and ADFS scenarios. 

Module 11: Deep drive into MIM Reporting 

We will take a deep drive into built-in MIM reporting features. Trainers will discuss how reporting works under the hood and how you can customize and deploy it in your own infrastructure. 

Module 12: Problems? 

We will demonstrate the troubleshooting procedures that will help when you end up in trouble with your MIM installation. 

Module 13: Best Practices 

After this module day to day operations of Microsoft Identity Manager will not be a mystery for you. We will also discuss very important and often forgotten topic of backup and restore. To conclude our course trainers will present best practices for MIM configuration and management.