ECMA2 stands for Extensible Connectivity Management Agent. What is for and how does it work?
ECMA2 stands for Extensible Connectivity Management Agent. It started life as the way you can create a custom connection in Microsoft Identity Manager (MIM) to an identity store, but has gained a life outside of MIM (for example it is also present in Azure AD Connect).
Management Agents and Connectors
A Management Agent is how Microsoft Identity Manager (MIM) connects to identity stores such as directories, HR systems and cloud services. Microsoft is tending to use the term “connector” instead of “management agent” more and more – but this can cause some confusion, since there is a technical element within MIM that is also called a “connector”.
An important capability of an identity management system is its ability to communicate with every identity store in your organization. Microsoft Identity Manager (MIM) comes with some useful built-in Management Agents, but there is a huge (and growing) number of on-premises and in-cloud systems – hence the need for a “custom” management agent. ECMA2 provides this functionality.
One of the visions for ECMA2 was to enable customers and partners to create connectors to communicate with systems that Microsoft could not be expected to provide. Another was to allow Microsoft and partners to build connectors that can be supplied independently from the MIM software. Using ECMA2 a developer can produce a one-off Management Agent to connect to some particular system, with all the features expected in a MIM identity management architecture (like schema discovery, handling delta and full import at both the object and attribute level etc.) – but also a generic Management Agent which could be used in different implementation, or even provided for separate sale. (There are a very few limitations compared to the built-in Management Agents, but these are not likely to be of concern.)