2731: Deploying and Managing Microsoft Identity Integration Server 2003 (4 Days)
About this Course
This four-day, instructor–led course provides students with an understanding of how Microsoft Identity Integration Server 2003 can be used to synchronize identity data across multiple sources according to business rules.
Audience Profile
A successful deployment of MIIS 2003 involves a wide range of skill sets from individuals in different roles. This course is intended for systems engineers, architects, and developers who will be part of a team responsible for implementing MIIS 2003. Each should have thorough experience in Microsoft Windows 2000 or Windows Server 2003, with some understanding of Microsoft SQL Server and directories and a working knowledge of programming languages. An awareness of the business issues surrounding the management of employee data and familiarity with related technologies such as Lotus Notes or Novell eDirectory will be beneficial.
At Course Completion
After completing this course, students will be able to:
- Configure a metaverse schema.
- Active Directory
- Create management agents for a number of external sources, including Microsoft Active Directory forest, Active Directory in Application Mode (ADAM), and SQL Server – in a basic configuration.
- Configure management agents, including connector filters, join rules and attribute flow for straightforward scenarios.
- Configure and verify data flow.
- Create and debug simple rules extensions.
- Provision and control Active Directory and ADAM accounts, including groups with Exchange enablement.
- Manage passwords using Windows Management Instrumentation (WMI) and Web applications.
- Backup and restore MIIS.
- Manage MIIS using WMI.
- Understand the security implications of an MIIS installation, and ensure a basic level of security.
Course Outline
Module 1: IdM Systems and Microsoft Identity Integration Server 2003
This module provides an overview of Identity Management (IdM) Systems, and the concepts and architecture of MIIS 2003.
Lessons
- The purpose of an Identity Management System
- The Metadirectory and other features of MIIS 2003
- MIIS 2003 Overview
- Essential MIIS Concepts and Terminology
Lab : Exploring the MIIS Classroom Installation
- Verifying the Classroom Configuration
Module 2: Introducing the Identity Manager
This module provides an overview of the Identity Manager ? the MIIS 2003 administration tool.
Lessons
- Using the Identity Manager
- The Management Agents Tool
- The Metaverse Search Tool
- The Operations Tool
- Other Identity Manager Tools
Lab : Import and Run and HR MA
- Importing a Management Agent
- Running a Management Agent Import
- Performing Simple Metaverse Searches
After completing this module, students will be able to:
- Find their way around the Identity Manager
- Import a Management Agent
- Import data from SQL Server
- Search the metaverse
Module 3: Introduction to Management Agents
This module introduces Management Agents and Run Profiles in some detail.
Lessons
- The ?Staging Steps? of Management Agent Configuration
- The ?Synchronization Steps? of Management Agent Configuration
- Run Profiles
- Delta Imports
Lab : Configuring a File-based MA
- Creating a Text File MA
- Creating an Import Run Profile
Lab : Delta Imports
- Create a Delta View in SQL Server
- Configure an MA for Delta Import
After completing this module, students will be able to:
- Create and configure a Management Agent
- Configure Run Profiles
- Understand the purpose of Delta imports
Module 4: Data Flow in Microsoft Identity Integration Server 2003
This module examines in detail how data flows in MIIS 2003. It lifts the lid on the synchronization engine, also considering export flow and precedence. Finally it covers manual operations like preview and manual joining.
Lessons
- Staging, Synchronization and Export
- Inbound and Outbound Synchronization
- When do rules run?
- The Connector Space and Preview
- Holograms and Synchronization
- Exports
- The Metaverse Schema: Metaverse Design
- Manual Joining and Disconnection
Lab : Staged and Synchronization Run Profiles
- Creating Staged and Synchronization Runs
- Previewing the Effect of Synchronization
Lab : Export Attribute Flow
- Export Attribute Flow
- Export Run Profiles
Lab : Metaverse Design, Creating a SQL Server Management Agent
- Adding Metaverse Attributes
- Creating a SQL Server Management Agent
Lab : Experimenting with Joins, Connectors and Disconnectors
- Manual joining
- Manual disconnecting
After completing this module, students will be able to:
- Understand how the synchronization engine works
- Configure Management Agents attribute flow rules for import and export
- Configure a metaverse schema
- Understand the need for, and perform, manual joining
Module 5: Introducing Programming Aspects
This module introduces the programmable aspects of MIIS 2003.
Lessons
- Windows Management Instrumentation (WMI)
- Introducing WMI
- Managing Microsoft Identity Integration Server 2003 (MIIS 2003) using WMI
- Rules Extensions
- Introducing Rules Extensions
- Examples of Rules Extensions
- Debugging Rules Extensions
Lab : Scheduling MA Using WMI
- Creating and Modifying Scripts
- Scheduling a Script
Lab : Using an MA Rules Extension
- Configuring Rules Extension Rules
- Creating a Rules Extension
Lab : Debugging a Rules Extension .DLL
- Setting and Using Breakpoints in a .DLL
- Configuring Simple Logging
After completing this module, students will be able to:
- Control Management Agent runs through WMI
- Have an appreciation of when and where to use rules extensions
- Create simple rules extension flow rules
Module 6: Installation and System Management
This module covers a range of administrative and design considerations, including backup and restore, security, best practices, and so on.
Lessons
- Preparing for Installation
- Data Security
- Installation and Uninstallation
- Implementation Considerations
- Best Practices
- Additional Tools
- Troubleshooting
Lab : Backup and Restore
- Backing Up Encryption Keys
- Backing Up Configuration and Data
- Restoring
- Locking down the Service Account
After completing this module, students will be able to:
- Backup and restore MIIS 2003 data and configuration
- Implement basic security
- Plan for an implementation, including best practices
Module 7: Provisioning
This module explains how to perform simple provisioning and deprovisioning of objects.
Lessons
- Provisioning Scenarios and Concepts
- Metaverse Rules Extensions
- Basic Provisioning Steps
- Deprovisioning
- Techniques and Examples
Lab : Simple Provisioning
- Creating a Metaverse Extension DLL
- Setting Up Simple Provisioning
Lab : Deprovisioning
- Setting Up Simple Deprovisioning
After completing this module, students will be able to:
- Create a metaverse rules extension
- Configure MIIS for simple provisioning and deprovisioning
Module 8: Working with Active Directory
This module applies what has been learned so far to Active Directory and ADAM. It also introduces the management of groups.
Lessons
- Active Directory and Microsoft Exchange Server with Microsoft Identity Integration Server 2003 (MIIS 2003)
- How to Configure an Active Directory MA
- ADAM with MIIS 2003
- How to Configure an ADAM MA
- Managing Groups
Lab : Active Directory
- Preparing Data Required for Provisioning
- Creating an Active Directory MA
- Creating a DLL for Provisioning Active Directory
- Controlling Active Directory Account Status
Lab : ADAM
- Creating a Simple ADAM MA
- Provisioning ADAM Accounts
Lab : Groups
- Provisioning Groups
Lab : Populating Groups
- Importing Group Memberships from SQL Server
- Provisioning Group Objects with Memberships
After completing this module, students will be able to:
- Create an Active Directory management agent
- Create an ADAM management agent
- Provision Active Directory accounts and groups (including Exchange)
- Manage Active Directory accounts
Module 9: Password Management
This module introduces MIIS password management and synchronization.
Lessons
- Password Management Overview
- Integrated Password Management
- Managing Passwords Using Windows Management Instrumentation (WMI)
- Managing Passwords Using the Provided Web Applications
- Admin (help desk) password reset
- User (self-service) password change
Lab : Managing Passwords
- Installing Password Management
- Configuring Password Management
After completing this module, students will be able to:
- Implement password management
Module 10: Other Management Agents and Typical Scenarios
This module covers the management agents not explicitly covered elsewhere in the course and goes on to cover some typical MIIS 2003 scenarios.
Lessons
- Notes on MAs not explicitly covered in the course
- Sun ONE (iPlanet), Lotus Notes, Novell eDirectory
- Microsoft Windows NT 4.0, Microsoft Exchange Server 5.5
- Interchange format files such as Attribute Value Pair
- Oracle
- Typical Scenarios
- White Pages
- Address List Synchronization
- Multiple Hub
- Data-driven and Administrated Provisioning
After completing this module, students will be able to:
- Understand typical issues relating to various management agents
- Understand some typical MIIS 2003 scenarios
Before attending this course, students must have:
-
Familiarity with the following technologies:
- Windows Server 2003
- Active Directory
- Lightweight Directory Access Protocol (LDAP)
- Databases (both flat and relational)
- A programming language such as Microsoft Visual Basic
- Completed Course 2279, Planning, Implementing and Maintaining a Microsoft Windows2003 Server Active Directory Infrastructure, or have equivalent knowledg