Professional Documents
Culture Documents
Module 1
Overview of Access and
Information Protection
Module Overview
• What Is Identity?
• What Is Authentication?
• What Is Authorization?
• Overview of AD DS and Access and Information
Protection
• The Business Case for Access and Information
Protection Control
• AIP Management Solutions
• Discussion: How Do You Manage Identities in Your
Organization?
What Is Identity?
AD LDS:
• Provides directory service for applications
• Allows data synchronization with AD DS Allows
storage of application data
• Can run on Windows-based desktop operating
system
Overview of Windows Azure Active Directory
• What Is FIM?
• FIM Directory Synchronization
• Managing Identities with FIM
• Managing Certificates and Smart Cards with FIM
• Discussion: Business Scenarios for FIM Usage
What Is FIM?
Metadirectory services and user (de)provisioning Certificate and smart card management
Password management
Metaverse
person
Connected Employee Connector Connector User Connected
Data Source Space Space Data Source
FIM Service
Managing Identities with FIM
• User Provisioning
• User Management
• SharePoint-based portal
• Automated, codeless user provisioning and
deprovisioning
• Self-service management
• Group Management
• Rich group management capabilities
• Offline group membership approvals
• Manual, manager-based, and criteria-based group
membership
Managing Certificates and Smart Cards with FIM
Logon Information:
There are no virtual machines in this lab
A. Datum recently has partnered with Contoso, Ltd. Contoso needs access
to A. Datum’s web applications, but wants to ensure that users can continue
to use their current AD DS user accounts. The web team at A. Datum has
explained that they can make web applications claims aware.
Lab Scenario (continued)
• Review Questions
• Best Practice