Takeaways: FIM self-service password reset Meeting Customer Requirements

Takeaways: FIM self-service password reset Meeting Customer Requirements www.phwiki.com

Takeaways: FIM self-service password reset Meeting Customer Requirements

Mazzocco, Mary, Faculty Advisor has reference to this Academic Journal, PHwiki organized this Journal Self-Service Password Reset as long as Active Directory with Microsoft Forefront Identity Manager 2010 R2Jeff StaimanSenior Program ManagerMicrosoft CorporationSIA313 Takeaways: FIM self-service password resetReduces helpdesk costsImproves compliance outcomesIncreases user productivity in addition to satisfactionMeeting Customer Requirements Key Asks from TechEd 2011Broader user reachBroader browser supportMobile device supportMeet organizational security requirementsEnhanced knowledge-based authenticationSMS authenticationEmail authenticationImproved user experiencePortal customizationProgrammatic registrationStreamlined deployment

UEI College CA www.phwiki.com

This Particular University is Related to this Particular Journal

demo Self Service Password Reset in FIM 2010 R2FIM 2010 R2 Password Reset Components Example TopologyInternetBrowserReverse ProxyFIM Password Reset PortalFIM Password Registration PortalFIM ServiceActive DirectoryWindows FIM Password Reset Extensions(optional)FIM Sync ServiceSharePointFIM PortalInternetExplorerEnd UserEnd UserFIM AdminBrowserSMS Provider (optional)Email provider (optional)Other Directories (optional)IISIntranetMobile PhoneInstallation of FIM Password Portals 1Choose to install Password Portals

Installation of FIM Password Portals 2Specify whether host is extranet accessibleInstallation of FIM Password Portals 3Specify AD user account as long as PortalInstallation of FIM Password Portals 4Password Portals visible in IIS Manager

FIM Password Portals Post installation configurationConfigure SSLEnsure appropriate Kerberos configurationhttp://setspn.blogspot.com/search/label/Kerberoshttp:/social.technet.microsoft.com/wiki/contents/articles/3385.aspxhttp://blogs.msdn.com/b/webtopics/archive/2009/01/19/service-principal-name-spn-checklist- as long as -kerberos-authentication-with-iis-7-0.aspxhttp://support.microsoft.com/kb/929650Proxy configuration (if Internet-facing)Language Pack installationLocalization Password Reset & Registration Portals, FIM Password Reset ExtensionsFIM Portal in addition to Service33 languagesBulgarian, Chinese (Simplified), Chinese (Traditional), Croatian, Czech, Danish, Dutch, Estonian, Finnish, French, German, Greek, Hindi, Hungarian, Italian, Japanese, Latvian, Lithuanian, Norwegian (Bokmal), Polish, Portuguese (Brazil), Portuguese (Portugal), Romanian, Russian, Serbian, Slovak, Slovenian, Spanish, Swedish, Thai, Turkish, Ukrainian19 languages Chinese (Simplified), Chinese (Traditional), Czech, Danish, Dutch, Finnish, French, German, Italian, Japanese, Korean, Norwegian (Bokmal), Polish, Portuguese (Brazil), Portuguese (Portugal), Russian, Spanish, Swedish, Turkish

Upgrading to FIM 2010 R2First, deploy the R2 Server componentsExisting SSPR scenarios will continue to workThen, deploy the R2 clientR2 client requires the password registration portalOptionally:Modify workflow configuration to use new & improved gatesPassword Reset PolicyDetermine categories of users as long as password reset policySecurity requirementsApplicability of authentication methodsUser language preferenceImplement password reset policy as long as each category of userFIM resources: set, management policy rule, in addition to workflowCan set higher bar as long as extranet vs. intranetAuthentication Gates

Interactive Registration – QA GateUser sees admin-defined questionsUser enters answers to questionsAdmin can configure number of questions user can choose from, in addition to the minimum number user must answer to registerRegistration data stored in GateRegistrationObject (internal)Interactive Registration – OTP GatesData stored in two new properties on users in FIMOTPMobilePhone in addition to OTPEmailAddressProgrammatic RegistrationGoal: enable admin to programmatically register or unregister a user from an authentication workflowImplementation: PowerShell cmdletsDeployed with FIM Service componentNew Cmdlets added to existing PsSnapin (FIMAutomation)Typical use case involves writing a script to invoke the cmdlets as long as a defined collection of target users

New cmdletsGet-AuthenticationWorkflowRegistrationTemplateRegister-AuthenticationWorkflowUnregister-AuthenticationWorkflowConfirm-AuthenticationWorkflowRegistrationMigration to FIM Password ResetProgrammatic Registration – Scenario ExampleAutomate user registration as long as FIM Password ResetProgrammatic Registration – Scenario Example

Automated deregistrationProgrammatic Registration – Scenario ExampleHigher bar as long as extranet reset requests ApproachNew property as long as an authentication gate “Security Context”Administrator can optionally configure an workflow so that one or more gates apply only to requests from extranetExample:QA Gate applies to all requestsOTP SMS Gate applies only to requests from the extranetHigher bar as long as extranet reset requests How it works

Mazzocco, Mary Tempest Faculty Advisor www.phwiki.com

QA Gate ConfigurationNumber of questionsin the gateshown to the userrequired as long as registrationrequired as long as resetAllowed answersText to describe allowed answers to usersOne-Time Password Email Gate Whether email address during registration is editable by userLength of one-time passwordEmail template as long as sending the one-time passwordOne-Time Password SMS GateWhether mobile phone is editable by userLength of one-time passwordSMS text message that contains the security code

Windows ServerOne-Time Password SMS GateTypical steps include:Choose an SMS provider in addition to establish a service relationship Get documentation as long as the protocol/API which is implemented by the SMS service providerWrite SMS Provider to target this protocol/APICompile this code into a DLL with a specific filenameDeploy this DLL to the host of the FIM Service machine into a specific location FIM ServiceFIM OTP SMS GateSMS Provider DLLSMS ProviderUser’s Cellular Service ProviderUser’sCellphoneOne-Time Password SMS Gate: APIpublic void SendSms( string mobileNumber, string message, Guid requestId, Dictionary deliveryAttributes)Interface ISmsServiceProvider contains the function declaration. Interface is present in assembly Microsoft.IdentityManagement.SmsServiceProviderContract.dll.Assembly is present in FIM installation media.Lab guide with sample code here: http://technet.microsoft.com/en-us/library/hh824692(v=ws.10).aspx SSPR Portal CustomizationRequirementsEnable admin to customize portal as long as their environmentAccount as long as global user populationsPreserve good experience on upgradeApproachAdmin can define overrides to default portal user experience elementsScopeBanner graphicsUser interface textTheme: font, color, layout

Required SlideComplete an evaluation on CommNet in addition to enter to win!Please Complete an Evaluation Your feedback is important! Multiple ways to Evaluate SessionsBe eligible to win great daily prizes in addition to the gr in addition to prize of a $5,000 Travel Voucher!© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista in addition to other product names are or may be registered trademarks in addition to /or trademarks in the U.S. in addition to /or other countries.The in as long as mation herein is as long as in as long as mational purposes only in addition to represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, in addition to Microsoft cannot guarantee the accuracy of any in as long as mation provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Mazzocco, Mary Faculty Advisor

Mazzocco, Mary is from United States and they belong to Tempest and they are from  Fairfield, United States got related to this Particular Journal. and Mazzocco, Mary deal with the subjects like Local News; Student/Alumni Interest

Journal Ratings by UEI College

This Particular Journal got reviewed and rated by UEI College and short form of this particular Institution is CA and gave this Journal an Excellent Rating.