Forefront Identity Manager

Microsoft Forefront Identity Manager
Developer(s)	Microsoft
Initial release	2010;14 years ago
Stable release	2010 R2 / June 14, 2012;12 years ago
Operating system	Windows Server 2008 R2
Platform	x86-64
Type	Identity management
License	Proprietary
Website	learn.microsoft.com/en-us/microsoft-identity-manager/microsoft-identity-manager-2016

Last updated July 10, 2024

Microsoft Forefront Identity Manager (FIM) is a state-based identity management software product, designed to manage users' digital identities, credentials and groupings throughout the lifecycle of their membership of an enterprise computer system. FIM integrates with Active Directory and Exchange Server to provide identity synchronization, certificate management, user password resets and user provisioning from a single interface.

Overview

Part of the Microsoft Identity and Access Management platform product line, FIM superseded Microsoft Identity Lifecycle Manager (ILM),^[1] and was known as ILM 2 during development. ILM 2007 was created by merging Microsoft Identity Integration Server 2003 (MIIS) and Certificate Lifecycle Manager (CLM).

FIM 2010 utilizes Windows Workflow Foundation concepts, using transactional workflows to manage and propagate changes to a user's state-based identity. This is in contrast to most of the transaction-based competing products that do not have a state-based element. Administrators not only can create workflows with the web-based GUI of ILM 2 portal but also include more complex workflows designed outside of the portal by importing XAML files.^[2]

FIM 2010 R2 (Release 2) was released in June 2012 and has extra capabilities:

Improved Self-service Password Reset which supports all current web browsers
Role Based Access Control (RBAC) via the acquisition of BHOLD Software
Improvement to the Reporting engine via the System Center Service Manager and MS SQL Server reporting Services (SSRS)
A WebServices Connector to connect to SAP ECC 5/6, Oracle PeopleSoft, and Oracle eBusiness
Improvements in the areas of performance, simplified deployment and troubleshooting, better documentation, and more language support.

Codeless provisioning

Forefront Identity Manager introduces the concept of "codeless provisioning",^[3] which allows administrators to create objects in any connected data source without writing any code in one of the .NET Framework languages.

The codeless provisioning provided in FIM should be able to sustain most of the simple to medium complexity scenarios for account lifecycle management. FIM fully honors existing MIIS implementations and supports "traditional" coded provisioning side-by-side with code-less provisioning methods.

Related Research Articles

Active Directory (AD) is a directory service developed by Microsoft for Windows domain networks. Windows Server operating systems include it as a set of processes and services. Originally, only centralized domain management used Active Directory. However, it ultimately became an umbrella title for various directory-based identity-related services.

Windows Server 2003, codenamed "Whistler Server", is the sixth version of the Windows Server operating system produced by Microsoft. It is part of the Windows NT family of operating systems and was released to manufacturing on March 28, 2003 and generally available on April 24, 2003. Windows Server 2003 is the successor to the Server editions of Windows 2000 and the predecessor to Windows Server 2008. An updated version, Windows Server 2003 R2, was released to manufacturing on December 6, 2005. Windows Server 2003 is based on Windows XP.

BEA Systems, Inc. was a company that specialized in enterprise infrastructure software products, which was wholly acquired by Oracle Corporation on April 29, 2008.

Oracle Internet Directory (OID) is a directory service produced by Oracle Corporation, which functions compatible with LDAP version 3.

Identity management (IdM), also known as identity and access management, is a framework of policies and technologies to ensure that the right users have the appropriate access to technology resources. IdM systems fall under the overarching umbrellas of IT security and data management. Identity and access management systems not only identify, authenticate, and control access for individuals who will be utilizing IT resources but also the hardware and applications employees need to access.

Microsoft Servers is a discontinued brand that encompasses Microsoft software products for server computers. This includes the Windows Server editions of the Microsoft Windows operating system, as well as products targeted at the wider business market. Microsoft has since replaced this brand with Microsoft Azure, Microsoft 365 and Windows 365.

Windows Server 2008, codenamed "Longhorn Server", is the seventh release of the Windows Server operating system produced by Microsoft as part of the Windows NT family of the operating systems. It was released to manufacturing on February 4, 2008, and generally to retail on February 27, 2008. Derived from Windows Vista, Windows Server 2008 is the successor of Windows Server 2003 and the predecessor to Windows Server 2008 R2. It removed support for processors without ACPI, and is the first version that includes Hyper-V.

Microsoft Forefront Threat Management Gateway, formerly known as Microsoft Internet Security and Acceleration Server, is a discontinued network router, firewall, antivirus program, VPN server and web cache from Microsoft Corporation. It ran on Windows Server and works by inspecting all network traffic that passes through it.

Ilm or ILM may refer to:

Oracle Fusion Middleware consists of several software products from Oracle Corporation. FMW spans multiple services, including Java EE and developer tools, integration services, business intelligence, collaboration, and content management. FMW depends on open standards such as BPEL, SOAP, XML and JMS.

Microsoft Identity Integration Server (MIIS) is an identity management (IdM) product offered by Microsoft. It is a service that aggregates identity-related information from multiple data-sources. The goal of MIIS is to provide organizations with a unified view of a user's/resources identity across the heterogeneous enterprise and provide methods to automate routine tasks.

Microsoft Forefront is a discontinued family of line-of-business security software by Microsoft Corporation. Microsoft Forefront products are designed to help protect computer networks, network servers and individual devices. As of 2015, the only actively developed Forefront product is Forefront Identity Manager.

IBM Tivoli Identity Manager, also known as TIM, ITIM, or ISIM, is an Identity Management System product from IBM.

Configurable Network Computing or CNC is JD Edwards's (JDE) client–server proprietary architecture and methodology. Now a division of the Oracle Corporation, Oracle continues to sponsor the ongoing development of the JD Edwards Enterprise Resource Planning (ERP) system, While highly flexible, the CNC architecture is proprietary and, as such, it cannot be exported to any other systems. While the CNC architecture's chief 'Claim to fame', insulation of applications from the underlying database and operating systems, were largely superseded by modern web-based technology, nevertheless CNC technology continues to be at the heart of both JD Edwards' One World and Enterprise One architecture and is planned to play a significant role Oracle's developing fusion architecture initiative. While a proprietary architecture, CNC is neither an Oracle nor JDE product offering. The term CNC also refers to the systems analysts who install, maintain, manage and enhance this architecture. CNC's are also one of the three technical areas in the JD Edwards Enterprise Resource Planning ERP which include developer/report writer and functional/business analysts.

Windows Essential Business Server 2008 was Microsoft's server offering for mid-size businesses. It was released to manufacturing on 15 September 2008 and was officially launched on 12 November 2008. It was discontinued on 30 June 2010.

User provisioning software is software intended to help organizations more quickly, cheaply, reliably and securely manage information about users on multiple systems and applications.

SAP Logon Tickets represent user credentials in SAP systems. When enabled, users can access multiple SAP applications and services through SAP GUI and web browsers without further username and password inputs from the user. SAP Logon Tickets can also be a vehicle for enabling single sign-on across SAP boundaries; in some cases, logon tickets can be used to authenticate into 3rd party applications such as Microsoft-based web applications.

A Microsoft account or MSA is a single sign-on personal user account for Microsoft customers to log in to consumer Microsoft services, devices running on one of Microsoft's current operating systems, and Microsoft application software.

HP CloudSystem is a cloud infrastructure from Hewlett Packard Enterprise (HPE) that combines storage, servers, networking and software.

Avatier Corporation is Pleasanton, CA based software development company notable for its identity management software.

References

↑ "FIM 2010 RTM Announcement". Microsoft Corporation. Archived from the original on 2010-03-13.
↑ "ILM "2" Glossary". Microsoft Corporation. Archived from the original on 2008-12-08.
↑ "Build a Single-Step Provisioning Workflow". Aung Oo, Microsoft Corporation. 8 September 2016.

External links

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[1] "FIM 2010 RTM Announcement". Microsoft Corporation. Archived from the original on 2010-03-13.

[2] "ILM "2" Glossary". Microsoft Corporation. Archived from the original on 2008-12-08.

[3] "Build a Single-Step Provisioning Workflow". Aung Oo, Microsoft Corporation. 8 September 2016.

[1]

[2]

[3]

v t e Microsoft security products
Numbers in brackets are the years of the initial release of the product.
For Windows	Windows Firewall [2001] Baseline Security Analyzer [2004] Malicious Software Removal Tool [2005] Microsoft Defender Antivirus [2006] Microsoft SmartScreen [2006] Microsoft Safety Scanner [2011]
For Windows Server	Exchange Online Protection [2007] System Center Data Protection Manager [2007] Identity Manager [2010]
Discontinued	MSAV [1993] Threat Management Gateway [1997] Microsoft Security Essentials [2009] OneCare Safety Scanner [2006] Unified Access Gateway [2007] Windows Live OneCare [2006] RootkitRevealer [2006] Enhanced Mitigation Experience Toolkit [2009]
Related topics	Data Execution Prevention Kernel Patch Protection Mandatory Integrity Control MS Antivirus (malware) User Account Control