Tag Archives: ADMA

Implementing Exchange Online with an existing on-premises identity management solution that provisions mailboxes

I’m going to start this post with a bold statement.  Implementing Exchange Hybrid in an enterprise environment that has an existing on-premises identity management (IdM) capability that provisions on-premises mailboxes is not easy.  Especially when that on-premises IdM solution is … Continue reading

Posted in FIM, FIM 2010 R2, Office 365 | Tagged , , , , , , , | 6 Comments

Delegating the minimum set of permissions for mailbox-enabled user and linked mailbox provisioning

In my previous post I described the minimum set of permissions required by the ADMA account to provision an AD DS user object.  In this post I’d like to expand on that and provide the minimum set of permissions required … Continue reading

Posted in Active Directory, FIM, FIM 2010, FIM 2010 R2 | Tagged , , , , , , , , , , , , , , , , , , , | 3 Comments

Delegating the minimum set of permissions for user provisioning

The purpose of this post is to provide information on the permissions required by the user account that the Active Directory Domain Services (AD DS) Management Agent (MA) or ADMA uses when it interfaces with an AD domain.  I’ve seen … Continue reading

Posted in Active Directory, FIM, FIM 2010, FIM 2010 R2 | Tagged , , , , , , , , , , , , , , , | 5 Comments

FIM Self-Service Password Reset (SSPR) and Active Directory password policy

Forefront Identity Manager (FIM) 2010 Update 1, when coupled with a Windows Server 2008 R2 Service Pack 1 (or Windows Server 2008 Service pack 2 or Windows Server 2008 R2 RTM plus hotfix) Primary Domain Controller Emulator (PDCe) Operations Master … Continue reading

Posted in FIM, Self Service Password Reset | Tagged , , , , , , , , , | 2 Comments