Microsoft FIM vs AD

Question

what is the difference between Microsoft FIM and AD authentication.What does it additionally provide.is FIM based on LDAP.what are the alternatives for FIM

Answer 1

FIM is An ForeFront Identity management (FIM) system is a framework for business processes that facilitates the management of electronic identities. The framework includes the technology needed to support identity management.

FIM technology can be used to initiate, capture, record and manage user identities and their related access permissions in an automated fashion. This ensures that access privileges are granted according to one interpretation of policy and all individuals and services are properly authenticated, authorized and audited.

FIM Provide

1.User Management 1.store users in application database 2.Simple Identity data: Display name,telephone number,email 3.Administrative data:employee Id ,manager,start/end date,objectSID 4.System Data:creator,created time,resource ID.resource type 5.Search Capabilities

2.group Management 1.Three types of memebership 1.manual 2.manager-Based 3.criteria-based 2.Automatically Updated (when group member changes) 3.Easy to integrate with Active Directory 1.Distribution and security 2.Domain local,global and Universal 3.can be email enable 4.Extensible to support other data sources 5.Owership 1. can be use for permission 2.approval of membership additions

3.credentials management 1.Certificate Management(FIM -CMS) 2.self-service password reset 3.Password Synchronization

4.policy management 1.Can be implemented through Management policy rules(MPRs) 2.Powerful and flexible

There is no relation between AD authentication and FIM.

Using AD Authentication you can authorize user to access different resources in distributed network. Eg.ADFS -Active Directory Federal Services