Identity and Access

First here is some background on the issue at hand. I am not a big fan of Lotus Notes, and having to synchronize data with the built in management agent for MIIS/ILM/FIM has brought me my share of joyful moments. Over the years, while monitoring an MA connection to a Lotus Notes database, I would [...]

So since we have gone from MMS –> MIIS –> ILM –> FIM, some of the components have also been renamed. Here is a post that describes some of the new names of the sub-components of FIM 2010.

It’s officially out that Identity Lifecycle Manager (v2) is now Forefront Identity Manager 2010!

While searching (should I say “Kumo-ing” soon?) for a question on GALsync I came across an interesting page at the Live@EDU site related to Identity Lifecycle Manager (ILM).

Here is a great book that helps in understanding the Windows Security Model, and I was pleasantly surprised to find it available online in its entirety… for free! This is a great book to purchase as it is something you will refer to many times because of the depth of the knowledge. If you ever wondered [...]

Years ago, when Windows 2000 was in beta, I knew it was about time I would have to learn scripting in VBScript, and for years I found it very useful. Then I felt I had to learn .NET and switched to using C# for everything, as it offers many things that were not possible in [...]

In some ways, working with .NET code spoils you. When working with ASP.NET apps that want to use authorization information based upon the authenticated user’s PAC contents, it’s a simple call to IsInRole(). This uses the Privilege Attribute Certificate (PAC) in the Kerberos ticket to determine if a user is in a specific group for [...]

Simple bind events don’t record the calling computer as the source, but record the ADDS-DC or the ADLDS instance name, so you cannot determine where the simple bind request came from. So if you are trying to track down the calling machine that is locking out a user, you cannot determine this from [...]

While trying to troubleshoot some application issues using SSL to connect to an ADLDS/ADAM instance over LDAPS, I was curious if extended logging was available. A quick post to the ActiveDir.org mailing list provided this nugget of Active Directory goodness for future reference.
