ThirdSpace ThirdSpace
ThirdSpace
Close 0 Reset Search Run Search What are you looking for? Type at least three characters to search. Filter Search Results
  • All Content
  • Blog
  • Case Studies
  • Event
  • Resources
  • News
  • Careers
  • Access Centre
  • Technologies
  • Workshops
  • Solutions
  • People
Load more
21 May 2019

MIM to the maximum: Advanced identity reporting and user controls

  • Identity and access management
  • Forefront Identity Manager
  • Microsoft Identity Manager
Ian Bassi

Improve your identity intelligence across the Microsoft stack and discover a way to maximise your MIM investment as you extend identity management into the Cloud.

At ThirdSpace, we work with a lot of partners to ensure we deliver the best solutions possible. One of those partners is SoftwareIDM.

I have been working closely with them on several projects for the last four years, and this blog is going to focus on how their solutions can enhance your existing identity management solution, enabling you to approach your challenges from a range of different use case scenarios.

SoftwareIDM has two main offerings:

  • Identity Panel: Contains several products, such as Time Traveler, Reporting, Uplift and MIM Test.
  • Service Panel: A modern UI portal for admin tasks and user self-service, helping you extend MIM functionality into the Cloud.

 

So, what is Identity Panel?

Identity Panel aggregates data across the Microsoft identity stack: directories, cloud services, databases, federation claim providers, and synchronisation engines.

It provides a single pane of glass for historical visualisation, operations management, troubleshooting, alerts, and more. Here are some of the stand-out features and benefits of the solution.

Time Traveler™

The benefits of using Identity Panel is that it significantly improves the reporting available within Microsoft Identity Manager (MIM). It allows you to present a user’s data, from all data sources, in a single view. The Time Traveler feature then allows you to go back and view the history at any set date.

This is a great feature for identifying when something has changed and understanding why it happened.

Did someone change something in HR, such as a job title, only for HR to change it back? Or did someone do something in the Active Directory?

Intelligent Reporting

SoftwareIDM’s reporting is easy to configure and can report on any data in Identity Panel. All kinds of reports are available, provided the data is present in Identity Panel, and all the reports can be configured to generate as and when required – and be emailed out as well.

Other features

Other features, such as Uplift for MIM (any previous customers who are aware of what OxyGen is, Uplift is a portal based UI version, similar to how Azure AD Provisioning Service configuration works, only more complex and powerful), allow you to configure and manage your sync engine from the portal.

Another useful little feature is MIM Test, this allows you to test and confirm the solution is working as expected, and you can schedule and optimise your sync cycles.

There’s a large amount of health checks available to keep an eye on your IDM environment, and you’ll be alerted if any issues occur. And with the change tracking built into Identity Panel, if you make any changes to your reports, MIM Configuration or anything else within Identity Panel, it can be easily rolled back and restored.

 

What does Service Panel do?

Service Panel is a modern UI self-service and user management portal. It allows users to perform self-service actions on their own data or any data they are granted permission to.

This makes it a great tool to use for managing the access users have, creating new users or managing groups. Because Service Panel is connected to all your data sources, it can create users, groups, contacts or any object that is available directly in AD or Azure AD or any other data source that it is connected to – enabling you to extend MIM functionality into the Cloud.

Service Panel gives you an event driven identity management, with MIM providing the resilience of a state-based identity solution.

Other features of Service Panel include using it as a white page or to allow users to set their initial password. This is done via sending the user an email, which contains a secure link to a web page, where a code is entered to verify who the user is. Once the password is set, the user can then be guided to enrol in multi-factor authentication (MFA). A fantastic experience for new starters.

Webinar: Make the identity leap

Watch 'The identity leap: Agile reporting and UI add-ons that MIM users and admins will love' and discover how to:

  • View and report on identities across MIM and other connected systems
  • Easily generate powerful reports on user status and changes
Watch on-demand now

Deployment scenarios

Both products are available as either an on-premises solution or as SaaS. With the on-premises solution, you install the product and manage it on your own servers. This is a great approach if you’re only hosting users on-premises, or if you want to keep your identity data local.

If you’re using Azure AD, then it makes sense to use the SaaS approach. This allows Identity Panel and Service Panel to be accessed using your Azure AD account.

This approach has several benefits:

  1. As the solution is hosted in the Cloud, you don’t need any additional on-premises servers (although you may want to for security and performance purposes) and don’t need to worry about updating or patching the product.
  2. Your identity solution is easier to manage, you can now easily access it from any device, but still go through all the security processes you put in place for Azure AD access. Also, if you want users to go through MFA before accessing Identity Panel, you can control that.
  3. It also makes it easier for us to manage and support your solution. Because it’s a SaaS application, we don’t need to VPN in or use your hardware to access and manage your solution. We can login with our Azure AD account, look at the issue, and often resolve it then and there.

So, let’s look at the different scenarios where Identity Panel and Service Panel might be of use.

Scenario 1

You are already running the latest version of MIM and you have no plans to upgrade your infrastructure in the future. But you are struggling to understand how all your identities are moving around and MIM Reporting does not show the full picture.

In this scenario, deploying Identity Panel for its reporting and Time Traveler features is the perfect fix for your challenges. As discussed above, Identity Panel allows you to connect all your user identities together in a single view and understand what has happened to them through the identities journey.

Scenario 2

You’re looking to upgrade from FIM to MIM, or looking to upgrade to Windows Server 2016, and have come across the SharePoint Licence challenge.

Windows Server 2016 is the first version of Windows Server that does not support SharePoint Foundation 2013, and therefore requires SharePoint 2016. Therefore, considering how MIM Portal uses SharePoint, you will need to have SharePoint 2016 licences to deploy MIM Portal on Windows Server 2016.

Please check with your Microsoft licensing provider to review your organisation’s current licensing position and evaluate the specific licences required to deploy SharePoint 2016 for use with MIM.

In this scenario, it could make sense to deploy both Service and Identity Panel. Service Panel provides the portal experience for users, and Identity Panel is used to manage and configure the solution.

If you already have FIM/MIM Portal deployed, don’t worry about your previous investments. Service Panel can provide a portal that sits in front of the MIM Service, so all the Workflows, Sets and MPRs continue to work as before.

Scenario 3

You only have identities in the Cloud and want to provide a self-service portal and enhanced reporting.

This is where you would use both the SaaS Identity Panel and Service Panel offering, allowing you the rich reporting and Time Traveler functionality, with the ability for users to self-service as required.

 

Summary

If you’re looking for a single pane of glass view for historical identity changes, richer identity reporting and intelligent alerts to augment your existing MIM investment, then Identity Panel is well worth a closer look.

Additionally, if your organisation already has MIM and you are looking to move to the Cloud, Service Panel can provide an excellent opportunity to extend your MIM functionality, allowing you to leverage maximum value from your investment.

Not only will you get fantastic reporting and a wonderful modern UI portal, but you can potentially save a lot of money as well.

Watch our SoftwareIDM on-demand webinar for a deeper dive into these technologies or get in touch to book a free half-day Identity Envisioning Workshop to understand what Identity Panel and Service Panel can do for your organisation.

You may also like...

Blog

Microsoft’s cloud identity strategy – 11 key moments from the Alex Simons 2019 keynote

Blog

Microsoft Ignite 2019 – Identity and security highlights

Blog

Creating a cloud identity strategy: What you need to know

Recent Blog Articles

View All
Author
Ian Bassi
Senior Consultant
Learn More

Apply for a free Identity Management Workshop

Envision a secure future, with automated user management and controlled access.

Apply for free workshop
Award-winning solutions Award-winning solutions

Eight-time winner of the Microsoft Partner of the Year Award for Identity Management, Enterprise Mobility, and Security and Compliance.

ThirdSpace Please upgrade your browser

You are seeing this because you are using a browser that is not supported. The ThirdSpace website is built using modern technology and standards. We recommend upgrading your browser with one of the following to properly view our website:

Windows Mac

Please note that this is not an exhaustive list of browsers. We also do not intend to recommend a particular manufacturer's browser over another's; only to suggest upgrading to a browser version that is compliant with current standards to give you the best and most secure browsing experience.