Thanks in large part to the efforts by my esteemed colleague David Lundell, the first volume of the FIM Best Practices series is now available for purchase online via print-on-demand here:
Thanks in large part to the efforts by my esteemed colleague David Lundell, the first volume of the FIM Best Practices series is now available for purchase online via print-on-demand here:
I'm a few weeks late but I'm sure I will need to find this again myself in the near future, so here it is – the FIM 2010 SDK! The link at the bottom contains the CHM files, or follow this link for the same content on MSDN:
http://msdn.microsoft.com/en-us/library/ee652263.aspx
Thanks Megan!
Download details: Forefront Identity Manager 2010 (FIM 2010) SDK Documentation
Back in the RC0 timeframe the list view columns were fixed despite your best efforts to change the list of attributes that your Search Scopes returned. I was pleasantly surprised to see today that it was fixed (in RC1 actually) which allows you to change the columns entirely. For instance:
Here I've added EmployeeID, EmployeeStatus and a custom field I'm contributing from AD – the last logon timestamp. Better yet, we can customize the view we see in Search Requests:
It's a little cluttered but you get the idea, some of the information you're used to digging into the request to get you can surface in the default view.
This is all about changing the attributes that are returned as part of the Search Scope being applied. Whenever you see the "Search within:" box you'll see a list of options to choose from – those are Search Scope objects that you can customize. You can do this with any Search Scope potentially, but I'll demonstrate how to customize the "All Users" scope which is displayed by default when you hit the Users page.
The one I'm using in my example (sans the last logon timestamp custom attribute) is:
DisplayName;EmployeeID;EmployeeStatus;AccountName;OfficeLocation;OfficePhone;Email
Within the FIM Service there are a few "well-known" GUID's that are used. Being "well-known" they are the same on every installation and I thought I'd document them here quickly:
| Name | GUID |
|
Built-in Synchronization Account |
fb89aefa-5ea1-47f1-8890-abe7797d6497 |
|
FIM Service Account |
e05d1f1b-3d5e-4014-baa6-94dee7d68c89 |
|
Anonymous |
b0b36673-d43b-4cfa-a7a2-aff14fd90522 |
You should also be able to use these to override the Actor ID property in your custom WF in order to "run as" another identity. For instance, the built-in Function Evaluator executes as the FIM Service Account.
For those of you still waiting for official documentation on how to create your own workflow activities for FIM, there is a new "How to" describing the process for creating a logging activity. This patterns pretty closely after the we did back in the Release Candidate timeframe.
I'm guessing I need to go thank Megan for the excellent work! :)