Microsoft Bhold Forefront Identity Manager [EOL] Reviews

The sync engine is key, and the ability to have it up and running in full in a very short time.

I don't think it has yet, for my current organization it seems more like a step back rather then a step forward, but the issue for them and why they made the change was based on cost, as the previous solution was too expensive to continue within the budget. I guess you could say that the biggest improvement was that we have more money because of it.

The synchronization server function, which is easy to manage, is a good and stable product. I'd rate this function 8/10.

It enabled managing the content of multiple Active Directory, keeping content consistently in-sync with each other and with external HR and card management solutions. It also made it easier to migrate content between those directories.

• FIM 2010 Portal
• Group Management
• DL Management using MS Office through FIM 2010
• FIM SSPR

Previously my client used MIIS but now it has been migrated to FIM 2010 SP1. MIIS was only using the Synchrinization Server. Using FIM 2010 other features are available like DL management through the portal, End User FIM Portal, and also FIM SSPR. These provide a good improvement in functions to our organization.

• Provisioning and life-cycle management
• Portal for identity management administration
• Extensible framework for the development of custom management agents
• Service Oriented Architecture for the integration of portal and clients with FIM service
• Password Synchronization
• Criteria based group management
• Group membership approval

As an identity and access management consultant, I deploy FIM to clients looking to implement security controls through the automated provisioning user accounts and improve operational efficiencies in managing digital identities. This typically leads to a better security posture and reduced operational costs as well as improvements through self service capabilities.

• Extensible and reliable identity provisioning and synchronisation
• Extensible workflow and policy engine
• Extensible delegated access management platform with web UI
• PowerShell-aware web API

I consult in the implementation of this product for my customers. I advised where improvements are needed to improve operational efficiency, security compliance and transparency of policy.

For me the most valuable feature is being able to create a single source of truth between the ICT Department and Human Resources. The fact that there is a synchronisation between our HR database and Active Directory ensures that our end user information stays current which ties into our ITIL processes as well with Microsoft System Centre Service Manager

Within our Service request catalog, we frequently require authorisation from a requestors direct line manager or Business Unit representative. The fact that with FIM this information is kept up to date by setting up synchronisation between the HR databases and our Active Directory, ensures that the Service Requests are processed and fulfilled correctly and places the responsibility on our end users.

• Portal
• Group
• Password Management

It will improve productivity, reduce the administrative cost & help-desk by automating the identity management tasks (provisioning, de-provisioning, access management) for an organization.

Synchronization with applications for automation.

The product is helping the organization to use this as a request based service through which access also gets placed after approval from the portal itself, without human intervention being required.