Monday, August 30, 2010

FIM Best Practices Volume 1: Introduction, Architecture and Installation of FIM 2010


Thanks in large part to the efforts by my esteemed colleague David Lundell, the first volume of the FIM Best Practices series is now available for purchase online via print-on-demand here:

To purchase a copy of the book please follow this link

Thursday, August 26, 2010

Download details: Forefront Identity Manager 2010 (FIM 2010) SDK Documentation

I'm a few weeks late but I'm sure I will need to find this again myself in the near future, so here it is – the FIM 2010 SDK! The link at the bottom contains the CHM files, or follow this link for the same content on MSDN:

Thanks Megan!

Download details: Forefront Identity Manager 2010 (FIM 2010) SDK Documentation

Tuesday, August 10, 2010

FIM 2010 – Adding and Removing Columns in FIM List views

Back in the RC0 timeframe the list view columns were fixed despite your best efforts to change the list of attributes that your Search Scopes returned. I was pleasantly surprised to see today that it was fixed (in RC1 actually) which allows you to change the columns entirely. For instance:

Here I've added EmployeeID, EmployeeStatus and a custom field I'm contributing from AD – the last logon timestamp. Better yet, we can customize the view we see in Search Requests:

It's a little cluttered but you get the idea, some of the information you're used to digging into the request to get you can surface in the default view.

How to Customize the Column Listing Using Search Scopes

This is all about changing the attributes that are returned as part of the Search Scope being applied. Whenever you see the "Search within:" box you'll see a list of options to choose from – those are Search Scope objects that you can customize. You can do this with any Search Scope potentially, but I'll demonstrate how to customize the "All Users" scope which is displayed by default when you hit the Users page.

  1. Navigate to Administration/Search Scopes
  2. Find the "All Users" scope and select it (edit)
  3. Select the Results tab

The one I'm using in my example (sans the last logon timestamp custom attribute) is:


  1. Finish and Submit your changes
  2. IISRESET each of your frontend web servers or wait 24 hours for the cache to timeout

Thursday, August 05, 2010

FIM 2010 – Well-known GUIDS

Within the FIM Service there are a few "well-known" GUID's that are used. Being "well-known" they are the same on every installation and I thought I'd document them here quickly:


Built-in Synchronization Account


FIM Service Account




You should also be able to use these to override the Actor ID property in your custom WF in order to "run as" another identity. For instance, the built-in Function Evaluator executes as the FIM Service Account.

Wednesday, August 04, 2010

How to: Create a Custom Logging Activity

For those of you still waiting for official documentation on how to create your own workflow activities for FIM, there is a new "How to" describing the process for creating a logging activity. This patterns pretty closely after the we did back in the Release Candidate timeframe.

I'm guessing I need to go thank Megan for the excellent work! :)

How to: Create a Custom Logging Activity

Newer Posts Older Posts Home