MIM Foundation Training Course

MIM Foundation Training Course
Microsoft Identity Manager training

This course is a great way to really start understanding exactly how it works. Before it, I had a rough idea from what colleagues had shown me. But this training really drastically expanded my knowledge to the point where I’m now more comfortable supporting MIM.

Danny, IT Professional, UK

Online Self-Paced Course

Learn in your own time with tutor support. Start any time!

Live Instructor-Led Course

Attend from anywhere via Teams

plus VAT if applicable

Course code: A620

Available as a public and private course via Teams

Find out more about private training or ask us about it here.

Who is our Microsoft Identity Manager MIM Foundation Training Course for?

Oxford Computer Training’s MIM Foundation training course is designed for systems engineers, developers and technical architects who:

  • Have little or no previous MIM or FIM experience
  • Need to understand how MIM (or FIM) can be used to manage identity information across a range of directories or databases
  • Want to review the technology in some depth

This and our other MIM courses are suitable for those using FIM – the differences are highlighted throughout our courses. Find out more.

All students taking our MIM Foundation Training Course course should have a sound understanding of the purpose, and some experience of the workings of, Active Directory (AD), Exchange and SQL Server.

Read what students say about this course.

See more feedback about our MIM Foundation courseThe training comprises presentations, discussions, demonstrations, and a lot of hands-on exercises to introduce and explain the many powerful features of MIM.

At the end of the training students will be able to:

  • Understand MIM concepts and components
  • Identify appropriate MIM scenarios
  • Manage users, groups and passwords using MIM
  • Synchronize identity data across systems, such as AD and HR
  • Understand the issues involved in loading data (initial load, backup, and disaster recovery)
  • Configure security for different levels of user
  • Manage password self-service reset and synchronization
  • Automate run cycles
  • Handle sets, simple workflows and MPRs

Post-course, you’ll have:

  • Perpetual access to the course e-manual
  • 4 weeks’ access (from the course start date) to:
    • 22 lectures covering the entire course, and specifically designed and recorded to support online learning
    • 15 lab demos – videos of all the labs performed in class, including helpful tips. tricks and explanations to improve understanding
    • 8 revision quizzes which can be taken as many times as you like – a fun way to test your knowledge!

The Privileged Access Management (PAM) feature of MIM is covered in a separate one-day course.

We also run MIM Advanced and MIM Expert courses. Not sure which is right for you?

Take this MIM 2016 Foundation training course instructor-led live via Teams, or online self-paced. If you have a team to train, a private course will be the most cost-effective and beneficial way to learn.  Discover all the ways to learn.

This MIM Foundation Training Course is available: live instructor-led via Teams | online, self-paced | private training via Teams

Module 1: Introducing Microsoft Identity Manager

This module involves a tour of many of the built-in features of MIM through the user experience, in which the student becomes familiar with the interface, the high-level architecture, and the business needs MIM addresses. At this point you see the ‘finished article’ – the rest of the course is spent understanding how this works, and building the ‘finished article’ from a raw installation. The lab is a walkthrough of creating a new user and managing groups and credentials for that user – as well as the experience of that new user.

Module 2: The Synchronization Service Manager

In this module, we introduce the MIM Synchronization Service Manager and explain its features through scenarios that do not use the MIM Portal. We introduce the main tools (Metaverse Designer, Operations Tool, Joiner, etc.), and we cover the basic configuration of a Management Agent along with run profiles, verifying results, and simple Metaverse searches. During the lab, a new Management Agent (MA) is created for a simple HR system.

Module 3: More about Synchronization

Here we look at various types of MA, including LDAP and file-based sources, with a particular emphasis on Inbound and Outbound Synchronization. We cover in detail: filters, join and projection rules, connectors and disconnectors, provisioning, de-provisioning, different kinds of attribute flow, etc. In the lab, two more MAs are created, and a simple data-driven scenario for managing a directory (AD LDS) is established.

Module 4: The MIM Service and Portal

We then examine the MIM Service and application database, introducing key concepts such as sets, workflows, and policies, and how permissions are granted. Next, we look at how the MIM Service integrates with the MIM Synchronization Service, and how data flows between them. The labs build a MIM MA and flow our HR data from the Synchronization Service to the portal, and portal data to the Synchronization Service.

Module 5: Managing Synchronization from the Portal

In this module we cover the concept of portal-based Synchronization Rules, and how they compare with the “Classic” Rules we have considered so far. We consider how and where to use Portal Synchronization Rules, Workflows, and Management Policy Rules (MPRs), including more complex attribute flows. We examine the special considerations required when managing Active Directory user accounts. The labs make use of Synchronization Rules. The lab also covers configuring MIM so that users are automatically created (provisioned) into AD, renamed, and removed (de-provisioned) as necessary.

Module 6: Credential Management

Primarily this module is about passwords. We mention Certificate Management, but this is a large subject with a course of its own. We discuss self-service password reset in detail (including text message, email, and ‘MFA’ approaches) – we also discuss self-service account unlocking (new with MIM). We cover password synchronization. The labs cover nearly all aspects of password management in MIM, except some more advanced topics (like writing custom password management workflows and extensions), or configuration which is hard to do in a classroom environment (like Azure MFA).

Module 7: Group Management

This module covers the management of distribution and security groups – including the relationship between groups in AD and other systems. More work is done on Synchronization Rules, Workflows, and MPRs. We cover the configuration of workflow approvals. The labs build on our scenario to include the management of various types of groups in AD.

Module 8: Other Considerations

In this module, we draw together the threads of what is perhaps the most important feature of the MIM Service – MPRs: the different types, different uses, how they are processed, and how to troubleshoot them. We then look at some operational considerations, including the management of run cycles using scripts, and also backup, restore, and disaster recovery. Various labs cover additional features of MPRs and provide experience in operational matters. The last of these labs puts the finishing touches on what has – perhaps surprisingly – turned out to be quite a thorough proof-of-concept system. This module also gives an overview of two “extensions” to MIM’s capabilities: Roles Based Access Control, and Privileged Access Management.

This course is intended for Systems Engineers, Developers, Architects and Project Leaders who need to gain a good understanding of how MIM can be applied to managing identity information across a number of directories or databases.

It is also suitable for those people who simply want to review the technology in some depth. All students should have a sound understanding of the purpose and some experience of the workings of Active Directory (AD), Exchange and SQL Server.