Exam 70-158
Microsoft Forefront Identity & Access Management, Configuring
Published: 20 November 2011
Languages: English
Audiences: IT professionals
Technology: Microsoft Forefront Identity Manager
Credit towards certification: MCTS
Skills measured
This exam measures your ability to accomplish the technical tasks listed below. The percentages indicate the relative weight of each major topic area in the exam. The higher the percentage, the more questions you are likely to see on that content area in the exam.
Please note that the questions may test on, but will not be limited to, the topics described in the bulleted text.
Plan and design FIM topology
Plan and design FIM topology
Identify single point of failure, match topology to performance requirements, capacity planning, design highly available implementations for FIM Service and Portal
Install the FIM Service and the FIM Portal
Microsoft SharePoint web configuration, service account permissions, prerequisites, certificates, groups
Upgrade Microsoft Identity Integration Server (MIIS)/Microsoft Identity Lifecycle Manager (ILM) to FIM 2010
Plan for upgrade, recompile extensions, upgrade SQL databases, upgrade third-party clients
Upgrade Microsoft Identity Integration Server (MIIS)/Microsoft Identity Lifecycle Manager (ILM) to FIM 2010
Plan for upgrade, recompile extensions, upgrade SQL databases, upgrade third-party clients
Deploy and manage client components
Automated installs, client images, multi-language support installation, plan for configuration of Microsoft Outlook for group management (Outlook plug-in for approvals and group management), use Group Policy objects (GPOs) to manage FIM client components, registry settings on client machines
Implement disaster recovery for FIM 2010
Back up and restore, FIM Service, FIM Portal, Sync Service, initial load scenarios; key backup and recovery
Preparation resources
Planning for Forefront Identity Manager 2010 R2
Installation guide
Forefront Identity Manager 2010 R2 deployment guide
Plan and configure core portal functionality (19%)
Plan and configure user and group provisioning
Provision to Active Directory, deprovision, data-driven provisioning and deprovisioning, configure Management Policy Rules (MPR)/workflow/sync rule triples required for provisioning in the portal, expected rule entries, detected rule entries, workflow parameters
Plan and configure group management
Configure dynamic groups (query-based) in the portal, owner-based groups and approvals, distribution groups, security groups
Plan and configure synchronisation rules
Inbound and outbound sync rules, create objects in metaverse using declarative rules, advanced attribute flows, relationships
Plan and configure authorisation and action workflows
Configure approvals, including multiple approvals and escalations; notifications; deploying and configuring custom workflow activities
Plan and configure security permissions and Management Policy Rules (MPRs)
Delegated administration, plan and implement user profile self-service, plan and implement group self-service, temporal objects, sets and set membership
Preparation resources
Provisioning rules
Synchronisation in Forefront Identity Manager 2010
Managing user identities with Forefront Identity Manager 2010 test lab guide
Configure advanced portal-based scenarios (17%)
Configure the Resource Control Display Configuration (RCDC) for object and attribute display
RCDC capabilities, validations, attribute permissions, data sources and data binding, form controls
Customise the user experience
Search scopes, menu navigation items, organisational branding, home page configuration, create and configure email templates, usage keywords
Extend the portal schema
Resource types, attributes, bindings, schema validation, synchronisation filters
Plan and configure self-service password reset and registration
Authentication workflow for password reset and registration, QA gates, case sensitivity, lockout gates, password reset action workflow
Write and interpret XPath queries
Create valid FIM XPath filters, reference objects and attributes, filters, conditions
Preparation resources
Understanding configuring and customising the FIM Portal
Creating a custom RCDC in Forefront Identity Manager 2010
Test lab guide: Demonstrating the FIM 2010 R2 self-service password reset with the QA gate
Configure FIM synchronisation (22%)
Create and configure standard management agents (MAs)
SQL Server MA, Certificate Management MA, Active Directory MA, file-based MAs, difference between call-based and file-based MAs, attribute flows, filters, projection rules, join rules, deprovisioning rules
Create and configure the FIM Service MA
Resource type mapping, Synchronisation Rule filter, understand the constraints of the FIM MA, attribute flow
Configure the metaverse
Plan precedence, extend the schema, object deletion rules
Create and automate run profiles
Clear run history, multi-step run profiles, run sequencing
Implement rules extensions
Install and configure password synchronisation and Password Change Notification Service (PCNS)
Configure Active Directory MA, install services on domain controllers, schema changes related to PCNS, service principal names
Preparation resources
Management agents in FIM 2010
Object deletion rules
Run profiles in FIM 2010 R2
Monitor and maintain FIM (21%)
Migrate the FIM configuration between environments
FIM Portal configuration, DLLs and code, synchronisation service server configuration, run scripts and automation tools, Windows PowerShell scripts, how-to-move configurations from development to test to production
Perform root cause analysis of provisioning issues
Issues with management policy rules, set definitions, workflows, and expected rule entries; misconfiguration of synchronisation service server; coexistence of classic provisioning and declarative provisioning; result sequence
Perform root cause analysis of issues related to password management
Issues with password synchronisation, self-service password reset, requirements for registration, end-to-end process
Perform root cause analysis of issues related to data flow and unexpected data
Data discovery issues, join issues, filter issues, run profile issues, threshold issues, Stack trace, precedence issues, object deletion rules
Perform root cause analysis of permissions issues
MPR definitions, set definitions, portal permission errors, service account permissions, provisioning issues, synchronisation service server roles
Preparation resources
Monitoring and diagnostics
Operations
Best MCTS Certification, Microsoft 70-158 Training at certkingdom.com