Implementation of MIM Fresh on Existing AD Domain and Existing Sharepoint 2016 Infrastructure

  • Question

  • Can we install MIM on Windows 2016 Server with an existing AD domain and SharePoint 2016 environment? I could not see any docs supporting the implementation on an already existing AD domain and existing SP environment. If so, kindly guide us to the document.

    I believe we need to install the agents so that it can communicate with AD & SP?

    We are planning to implement MIM as a solution for password self-service pages and for user import in SharePoint 2016.

    Thanks & Regards

    Gops

    Tuesday, April 7, 2020 5:24 AM

All replies

  • Yes, that's no problem.

    Just don't deploy the MIM portal solution into your existing SharePoint farm. I highly recommend deploying a dedicated SharePoint farm for the MIM portal.

    https://docs.microsoft.com/en-us/microsoft-identity-manager/microsoft-identity-manager-deploy


    Please remember to mark the replies as answers if they helped.

    • Marked as answer by Gopakumar0 Thursday, April 9, 2020 3:30 AM
    Tuesday, April 7, 2020 6:37 PM
  • Thanks for the link... but is it a must for MIM to have SharePoint on our domain? As I said, our aim is to have a password self-service portal rather than use the third party.
    Wednesday, April 8, 2020 9:11 AM
  • To configure SSPR, you need to deploy the MIM service, and if you would like to have a portal to configure the SSPR workflows, you need at least one portal, which requires a SharePoint to deploy the portal solution to.


    Wednesday, April 8, 2020 11:22 AM
  • I thought we could make use of MIM through an IIS site and publish that... so SharePoint is needed... Can we use just another SharePoint portal with all in one box and configure the SSPR site external, right? As it's highly recommended to have another instance of SP, as you mentioned above, we cannot make use of the existing company portal which is on SP.
    Wednesday, April 8, 2020 11:26 AM
  • If it can be configured without SharePoint, like just enabling the service, can we make use of that for SSPR? Users will get a link for changing the password from anywhere on the internet? We are trying as much as possible to avoid third-party products, especially at this time, as all will be working from home.
    Thursday, April 9, 2020 3:19 AM
  • Yes, you can go with an "I don't deploy the portal" approach, but you have to use PowerShell all the way to configure the SSPR workflows, and I guess this is not supported and very limited in what I actually can configure. And just to make it clear, modifying the MIM workflows with PowerShell is not that easy ;-)

    Other thing... as you are "just" going for the SSPR feature, why not use Azure for that?

    Install AAD Connect, sync into your Azure tenant and enable password writeback?

    https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-sspr-writeback

    But of course, you would require at least some Azure AD P1 licences for your users:

    https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-sspr-licensing



    Thursday, April 9, 2020 5:41 AM
  • Thanks a lot for the info... maybe we will deploy just a SharePoint portal for the purpose.

    Yeah, currently we are using AAD Connect for MS Teams, but that's for a temporary license because of the situation now.

    Once again, thanks for the info.

    Thanks & With Best Regards

    Gops

    Thursday, April 9, 2020 11:51 AM
  • Hi Proed

    Where did you find the recommendation for a dedicated SharePoint farm? Are there any technical issues, or is it just for separation of server maintenance?


    Borys Majewski, Identity Management Solutions Architect (Blog: IDArchitect.NET)

    Thursday, April 16, 2020 12:31 PM