There is a MOC course for MIIS and another one that touches on MIIS while going over Security and Access Management:
2731: Deploying and Managing Microsoft(r) Identity Integration Server 2003 http://www.microsoft.com/learning/syllabi/en-us/2731afinal.mspx 2804: Microsoft(r) Security Guidance Training IV http://www.microsoft.com/learning/syllabi/en-us/2804Afinal.mspx If you just want straight MIIS training then the first one is what you're looking for. Also, if you work for a MS Partner then I'd get ahold of your MS rep and see if perhaps there is an Internal MS course that partners can attend. I don't know if there are or not, but it might be worth looking in to if you want some additional courses beyond that 2731 MOC. Phil On 7/29/05, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > One of the best MIIS lists I've found is [EMAIL PROTECTED] As far > as books, haven't found one. I think MIIS now finally offered as a MOC > course. > > :m:dsm:cci:mvp > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Phil Renouf > Sent: Friday, July 29, 2005 1:30 PM > To: [email protected] > Subject: Re: [ActiveDir] OT: MIIS, ADAM, & AD > > MIIS looks pretty complex, but it is something that can be figured out > (I've gotten it working so it can't be that hard ;) The thing I found > with MIIS is that things aren't where you think they would be, and > some switches/options do things that you're not expecting. There are > some good Q articles about getting MIIS working, but I never looked > for a book or anything. > > My question is: what are you going to be using the central LDAP > directory for? > > Phil > > On 7/29/05, Ken Cornetet <[EMAIL PROTECTED]> wrote: > > We have an upcoming project which will require an LDAP directory > containing > > both our internal users, and our extranet users. Currently, our > internal > > users are in one AD domain, the extranet users are in another. The > domains > > are in separate forests, and there are no trusts. > > > > My plan is to use ADAM for the central LDAP directory. However, I'm on > the > > horns of an enema, um, I mean dilemma on how to sync ADAM to the two > > domains. A first glance would suggest MIIS. However, MIIS looks pretty > > complicated, and difficult to configure. > > > > I'm considering writing my own sync code since the task at hand is > > relatively straight-forward. Passwords will be a bit of a problem, but > not > > unworkable. We use Psynch to maintain our internal passwords, so I can > have > > it change the ADAM passwords at the same time it changes the internal > AD > > passwords. The extranet users change their password via an existing > web app, > > so having it change the ADAM passwords won't be an issue. > > > > Reading about ADAM "proxy users" leads me to believe they'd be a > perfect fit > > as the object type to use for our internal users (authentication is > relayed > > to AD thus negating the need to sync passwords). However, the ADAM > tech ref > > says proxy users should only be used as a last resort, and to refer to > the > > next section as to why. Unfortunately, the next section doesn't > explain why > > not to use them. Anybody know why proxy user objects are evil? > > > > Are there any good "MIIS for dummies" type documentation around? Any > good > > ADAM and/or MIIS mailing lists? > List info : http://www.activedir.org/List.aspx > List FAQ : http://www.activedir.org/ListFAQ.aspx > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ > List info : http://www.activedir.org/List.aspx > List FAQ : http://www.activedir.org/ListFAQ.aspx > List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ > List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
