Simplified Framework for Managing User Identities
Microsoft Forefront Identity Manager 2010 (FIM) changes the current state of identity management by providing powerful end user self-service capabilities. IT Professionals are also given more tools to solve day-to-day tasks such as delegating administration and creating workflows for common identity management tasks. In addition, FIM 2010 is built on a .NET and WS-* based foundation for developers to build more customized and extensible solutions.
FIM 2010 delivers solutions to manage user accounts and access, password- and certificate-based credentials such as smart cards, and identity-based policies across Windows and heterogeneous environments.
Policy Management for Microsoft Forefront Identity Manager 2010
FIM 2010 establishes a framework for automating and integrating identity management so all enterprise systems use the same set of policies. This is accomplished through:
Centralized authoring, enforcement, and auditing of policies
IT administrators can manage policies that govern users and groups with menu-driven controls, thereby reducing the risk of noncompliance.
Extensible Windows Workflow Foundation–based workflows
IT can use these to approve account creation and delegate tasks and other such actions, and can easily extend them to deliver complex custom workflows.
FIM 2010 integrates the management of credentials for both administrators and end users through:
Credential lifecycle management integrated with provisioning
IT professionals can manage the process of provisioning accounts and credentials using a single tool.
Centralized management of multiple credentials
Such as Microsoft and third-party certificate authorities
Across systems enabling simplified sign-on
Intuitive experiences built into the Windows desktop
Log on so users can reset their own passwords and provision their own smart cards
User Management for Microsoft Forefront Identity Manager 2010
FIM 2010 delivers tools for more efficient user provisioning and de-provisioning. These include:
Improved tools for user provisioning
Automated user provisioning is managed through a user interface rather than writing customized code.
Integrated provisioning of identities, credentials, and resources
IT can use FIM 2010 to create policies that seamlessly provision and de-provision the appropriate accounts, resources, and credentials.
Self-service profile management for users
IT can set policies to enable end users to update profile information, such as their phone numbers, and to require approvals for and notifications of user-generated changes. End users can use these pages to search for other users as a white pages application.
Group Management for Microsoft Forefront Identity Manager 2010
FIM group management helps increase end-user productivity, frees IT from repetitive identity management tasks, and provides better security and compliance through:
Self-service group management tools integrated into Office and SharePoint
These enable users to manage group membership requests using familiar applications and include enabling requests offline.
Automated dynamic updates of group and distribution groups. IT can use FIM 2010 management tools to create policies that keep groups and distribution groups up to date automatically.