Marc Lognoul's IT Infrastructure Blog

Cloudy with a Chance of On-Prem

Revisiting the Microsoft Online immutable ID design decision

Leave a comment

Hybrid Identity

Some time back I posted about Azure Active Directory synchronisation using Forefront Identity Manager (FIM) 2010 R2 and the Azure AD Connector. My focus was multi-forest deployments, but as we know this topology was required for several advanced scenarios too. Microsoft have since shipped Azure AD Synchronization Services (AADSync), soon to be rebranded Azure AD Connect (AAD Connect), which negates the need for FIM for most deployments and further solidifies the mentality that the Azure AD identity bridge should be separate from the enterprise identity management solution.

Having deployed quite a few FIM and AAD Connector topologies for large, enterprise customers, and having been involved in planning and design, implementation and deployment and post go live support and transfer to operations I have learned, the hard way, that the immutable ID design artefact is a massive consideration, too often overlooked and not understood. I talked about this in my post

View original post 1,074 more words

Author: Marc L

Relentless cloud professional. Restless rider. Happy husband. Proud father. Opinions are my own.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s