Enterprise Mobility and Security Blog

RSS

Howdy folks,

Big news today – Microsoft Identity Manager 2016 has reached General Availability!

Microsoft Identity Manager (and its predecessor, Forefront Identity Manager) is used by many of Microsoft’s largest customers around the world to automate their on-premises identity workflow. I’m really excited by the value and innovation this version delivers for those customers.

Shai Kariv is the Group Program Manager for MIM and also drives the Privileged Identity and Enterprise Role Management features of Azure AD Premium. I’ve asked him to blog about some of the details below. Shai is going to be a frequent contributor to the blog going forward now that MIM is widely available!

And as always, we’d love to receive any feedback or suggestions you have.

Regards,

Alex Simons (Twitter: @Alex_A_Simons)

Director of Program Management

Microsoft Identity and Security Services Division

——————-

Hi everyone!

I’m Shai Kariv, responsible for the Program Management of a few investments we’re running on the Active Directory team. Some of my team member have blogged here in the past about the upcoming release of Microsoft Identity Manager 2016 – and today I’m here to announce general availability!

Please refer to the official Microsoft communication here and here for the available channels for getting the final product version.

On behalf of the product team, I would like to extend a huge THANK YOU to the hundreds of customers and partners who tried out the multiple CTPs (Community Technical Previews) and Beta versions along the development cycle, and provided invaluable feedback.

We did our best to listen hard and deliver! Including in the very last product version announced today, which added several important capabilities based on YOUR feedback from using the latest CTP:

  • Windows 10 full support!
  • Advanced scheduling options for privileged role activations, including self-service and approval options.
  • Deep-scan security monitoring to detect anomalies across forests, like suspicious membership in privileged groups or use of SID history.
  • Major additions to the PowerShell interface, including more search and management cmdlets, and updates to help and samples.

What is Microsoft Identity Manager 2016

This major new version of Identity Manager is an overall modernization of capabilities and experiences relative to the previous version, FIM 2010 R2.

We added programmatic interfaces such as a RESTful API and PowerShell commands, and expanded the supported operating systems, server products and browser versions based on customer input.

Additionally, we’re very proud about some of the innovations introduced in this product version, in the areas of Security (privileged identity management), Hybrid identity management, new self-service capabilities, and new certificate management experiences.

For more extensive information about Microsoft Identity Management features and themes, check out previous posts in this blog: here, here, here, and here.

Great news for Windows 10 users! Microsoft Identity Manager not only adds experiences for Windows 10, but actually it has greater value for you, because it leverages the intrinsic Windows Server 2016 new Active Directory capabilities: time-limited group memberships and foreign principal groups.

What’s next

In the next 90 days we plan to release an add-on deployment pack for Microsoft Identity Manager, to further simplify automating the preparation of the privileged identity management environment, and hardening it: setting up the privileged AD forest security principals, configuring cross-forest trust, turning off unnecessary interfaces and capabilities, and so on.

We are eager to help out with production deployments, fresh ones or migration from previous product versions. We’re curious to get feedback on the product overall, and especially the new capabilities. The team is already busy with planning the next waves of product deliveries.

In closing

The Azure AD team is committed to continue investing in hybrid IT environments, because this is the reality for enterprise customers: public cloud as well as on-premises AD environments.

We would like to keep hearing from you! We welcome your input and feature requests in the forum. And I invite you to follow me on Twitter in order to stay up-to-date on everything we do.

Thank you!

Shai Kariv (Twitter: @shaikariv)

Principal PM Manager

Microsoft Identity and Security Services Division