Forefront Identity Manager
2010 Installation &
Configuration
Configuring the FIM Management Agent
Anthony Marsiglia & Kristopher Tackett
Microsoft Premier Field Engineering
Forefront Identity Manager 2010 Installation & Configuration
MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT.
Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under
copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or
transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for
any purpose, without the express written permission of Microsoft Corporation.
Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights
covering subject matter in this document. Except as expressly provided in any written license agreement from
Microsoft, our provision of this document does not give you any license to these patents, trademarks, copyrights,
or other intellectual property.
The descriptions of other companies’ products in this document, if any, are provided only as a convenience to
you. Any such references should not be considered an endorsement or support by Microsoft. Microsoft cannot
guarantee their accuracy, and the products may change over time. Also, the descriptions are intended as brief
highlights to aid understanding, rather than as thorough coverage. For authoritative descriptions of these
products, please consult their respective manufacturers.
© 2013 Microsoft Corporation. All rights reserved. Any use or distribution of these materials without express
authorization of Microsoft Corp. is strictly prohibited.
Microsoft and Windows are either registered trademarks or trademarks of Microsoft Corporation in the United
States and/or other countries.
The names of actual companies and products mentioned herein may be the trademarks of their respective
owners.
ii
Prepared by Anthony Marsiglia & Kristopher Tackett
Microsoft Premier Field Engineering
Forefront Identity Manager 2010 Installation & Configuration
Configuring the FIM Management Agent
Before we can manipulate users and/or groups with the FIM Synchronization Engine, it is necessary that we create
Management Agents. Here, we will create a Management Agent for connecting the Synchronization Engine with the
FIM Service Portal.
Begin by opening the Synchronization Engine
Page 3
Prepared by Anthony Marsiglia & Kristopher Tackett
Microsoft Premier Field Engineering
Forefront Identity Manager 2010 Installation & Configuration
In the menu on the top right-hand corner, select “Create”
This will open the “Create Management Agent” wizard. For “Management agent for:”, select “FIM Service Management
Agent”. Enter a name for this MA, then click “Next” to continue
Page 4
Prepared by Anthony Marsiglia & Kristopher Tackett
Microsoft Premier Field Engineering
Forefront Identity Manager 2010 Installation & Configuration
Enter the name of the server, database and FIM Service base address. Next, select “Windows Integrated
Authentication” and enter the previously created service account, password and domain, then click “Next” to continue.
In the “Object Types” window, be sure to select “Person” and then click “Next” to continue.
Page 5
Prepared by Anthony Marsiglia & Kristopher Tackett
Microsoft Premier Field Engineering
Forefront Identity Manager 2010 Installation & Configuration
In the “Atrributes” window, you may select as many (or as few) attributes as you wish. Please note, however, that only
attributes selected here will be available in the FIM Portal.
For “Connector Filter”, you may leave these default and click “Next” to continue.
Page 6
Prepared by Anthony Marsiglia & Kristopher Tackett
Microsoft Premier Field Engineering
Forefront Identity Manager 2010 Installation & Configuration
For “Configure Object Type Mappings”, as a best practice, there are two things we should do. First, select “Group”,
click on “Add Mapning” and in the drop-down menu next to “Metaverse object type:”, select “group”. Click “OK”
Page 7
Prepared by Anthony Marsiglia & Kristopher Tackett
Microsoft Premier Field Engineering
Forefront Identity Manager 2010 Installation & Configuration
Next, select “Person”, click on “Add Mapping”, and in the drop-down menu next to “Metaverse object type:”, select
“person”. Click “OK”, and then click “Next” to continue.
For “Attribute Flow”, you may leave these default. Please note, if you wish you flow custom attributes, you will need to
create an associated flow here. Click “Next” to continue.
Page 8
Prepared by Anthony Marsiglia & Kristopher Tackett
Microsoft Premier Field Engineering
Forefront Identity Manager 2010 Installation & Configuration
For “Deprovisioning”, you may choose the default, choose to make explicit disconnectors or choose to stage a
deletion. Click “Next” to continue.
“Extensions” may be left default. To complete configuration and build the Management Agent, click “Finish”
Page 9
Prepared by Anthony Marsiglia & Kristopher Tackett
Microsoft Premier Field Engineering
Forefront Identity Manager 2010 Installation & Configuration
Page 10
Prepared by Anthony Marsiglia & Kristopher Tackett
Microsoft Premier Field Engineering