This wiki article provides a quick overview of MS partner and 3rd party software solutions built on FIM 2010.

For a detailed description of the solutions offered, see the respective partner websites referenced.

FIM 2010 Training

Oxford Computer Group

Oxford Computer Group provides a big amount of assets for FIM Sync and FIM Portal - including 24x7 Premium Support and Operating.

In the following part only the most important OCG software are listed.

Company website DACH (english + german) : or go direct to the products and solution website : OCG Solutions for FIM

Company Website UK:

OCG has created all of the FIM MOC Trainings for Microsoft worldwide and is the main trainings partner in this area.

See: FIM Trainings  

RBAC (Role Based Access Control)

Microsoft BHOLD Suite

  • Role management now part of Forefront Identity Manager 2010 R2

    "BHOLD Suite is a powerful application for control of authorization management, for use in conjunction with FIM2010."

  • BHOLD Suite demos with FIM2010

Identity Forge


  • Authorization
  • Access Management 
  • Provisioning
  • Reconciliation
  • Password Management 
  • Self service/Self registration 
  • User Management
  • Role Management 
  • Regulatory Compliance
  • Audit & Reporting



  • Omada identity suite for FIM 2010
    • Password management & CLM
    • Request with offline approval
    • Compliance Reporting
    • Compliance Attestation
    • Advanced Enterprise RBAC
    • Sharepoint Governance
    • Packaged Business processes


OCG FIM Mobile 2010 R2

Oxford Computer Group

  • OCG FIM Mobile 2010 R2
  • The OCG Mobile Approvement supports managers, security officers and those responsible for human resources when it comes to granting access rights.

    FIM Mobile Client features:

    • Authorisation procedure for single requests
    • Authorisation procedure for multiple requests
    • Detail view of the authorisation requests
    • Create new requests
    • My role list incl. detail view
    • My employees list incl. detail view
    • Password reset functionality
    • Roaming and notification functions
    • Periodical/Manual list updates without notification
    • Encrypted data transfer
    • Online registration of mobile devices

    The application can be tested only in conjunction with the Microsoft Forefront Identity Manager and FIM Proxy Service from Oxford Computer Group.

    More informations see:

Business Solution for FIM 2010

Oxford Computer Group

The OCG Business Solution supplements the Microsoft® Forefront Identity Manager 2010

Portal solution with the following key features:

  • Visual presentation of your business structure
  • Visual administration and maintenance of business structure elements
  • Full function Role Base Access Control module
  • Full Microsoft® Forefront Identity Manager 2010 Portal integration
  • High extensibility and simple customization interface

Business structure can be displayed based on the following information:

  • Organization information
  • Technical information
  • Geographical information

Business structure elements can be managed by using the following actions:

  • Creation
  • Modification
  • Deletion

The RBAC module as central part of the OCG Business Solution enables the following functions:

  • Mandatory and optional role assignments
  • Permission assignments
  • Manual assignments
  • Inheritance of assignments in different levels
  • Inheritance of attribute values based on assignments
  • Compliance rules and Segregation of Duty (SoD)

OCG Business Solution is fully integrated in the Microsoft® Forefront Identity Manager 2010 Portal user interface using only Microsoft® Forefront Identity Manager 2010 standard technologies like sets, workflows, RCDC and MPRs. After installation no additional adjustments are necessary.

The integrated OCG Business Solution user interface can be extended and customized easily using Microsoft® Silverlight..

For more information, please visit: User Manager

Audit & Reporting Solution

Oxford Computer Group

The functionality of the OCG Audit & Reporting Solution supports various groups of people and supplements the Microsoft Identity Management platform with what is an indispensable component. The main focus of the solution is to constantly supply employees with the information they need to carry out their respective tasks. The Audit & Reporting Solution can display information from any given time in the past.

Governance / Chief Security Ocer: Compliance

  • Overview of compliance violations of company guidelines.
  • Overview of compliance violations of legal regulations.

Data controller: Permission control and certification

  • Overview of access permissions of users to the data entrusted to them.
  • This overview is also the starting point for the certification process of permissions.

Audit and Reporting Solution for FIM 

SharePoint Solution

Oxford Computer Group

The OCG SharePoint Solution for FIM allows user to manage SharePoint objects as well as to generate SharePoint Management Security Reports.

The following features are provided by the OCG SharePoint Solution:

  • Display and management of the SharePoint sites
  • Display of site collections in the FIM portal as business structure
  • Display and management of SharePoint user profiles
  • Display and management of SharePoint groups and group memberships
  • Reporting for existing SharePoint infrastructures
  • Security reporting for all objects in SharePoint (via additional SP Reporting Service) with integration into standard Microsoft® SQL Reporting Services

Name Generation Service (NGS)

For more information, please visit: OCG NGS

Oxford Computer Group

The Name Generation Service 2013R2 (NGS) is an operating tool for generating and storing distinguished names and unique keys for connected systems. It is stable and easy to install and configure.

It generates unique values for various purposes (e.g. distinguished names, email addresses, account names, record IDs), and manages the issued values in separate namespaces for different systems, applications and domains. Namespaces can be combined und structured via a name space internal scope, which allows NGS to be used effectively in multitenant implementations.


Scheduling Sync


Quest Mission control



  • Unify FIM Event Broker
    • Website:
    • "/../ FIM Event Broker is a robust, flexible and scalable real-time, event manager for Microsoft's Identity Management Platform, be it ILM or FIM.  It is configurable to be “event aware” for any FIM/ILM-based provisioning solution and triggers the synchronization engine to execute run profiles only when there is work to do /../ "

Soren Granfeldt


Analyzing Configuration


  • FIMAlyzer
  • Website:
  • "The FIMalyzer analyzes the configuration of FIM 2010 installations (portal, sync and code components) and presents the output either interactively, or in the form of a Word report."

Function Evaluator


  • Function Evaluator
    • Website:
    • "/../ offers a wider range of functions than the built-in one, such as a Unique Name Generator (which could generate a unique account name, or a contractor id based on a counter), and a Random Password Generator (allowing letters and symbols to be used as well as random numbers). /../"


  • FIM 2010 PowerShell Cmdlets
    • "The FIM 2010 PowerShell cmdlets let you easily create, search, modify, and delete objects in the FIM 2010 web service store. They are more complete, and much easier to use, than the FIM configuration import/export cmdlets provided with FIM."

Query FIM

    • A Windows Forms front-end to the FIM unsupported web service enumeration client. Provides a one-stop shop for querying the web service with XPath filters.

Certificate Management





OpenFIM is a custom front end for Microsoft Forefront Identity Manager Certificate Management that supports Registration Officers and PKI Admins in their daily work. Features include:

  • Simplified, wizard-based user interface
  • Cross-browser compatible
  • Customizable design
  • Supports all policy types (Enroll, Revoke, Recover etc.)
  • Management of machine certificates
  • Mail notification for denied requests
  • Process signature (a hash is calculated over request values and signed by the requestor's certificate)



Password Management

Oxford Computer Group

OCG Password Change Notify Service / Password Filter Service

The password synchronization components contained in the OCG PCNS synchronizes the passwords of all of the user's accounts in real-time. Advantages: One password for all applications.

By using one uniform password per user, the requirements of the password security also rise. This can be ensured by increased password complexity. The password rules module contained in the OCG PCNS integrates into Microsoft infrastructures and enforces the usage of complex passwords.


    • Advanced password rules, e.g. for SAP, UNIX, Host... (e.g. maximum password length, exclusion list)

    • Only HTTPS/SSL approval in the firewall necessary

    • Transfer of passwords using web services for the central IAM system

    • No schema extension in the active directory necessary

    • Transfer of the passwords beyond AD Forest boundaries (no trust necessary) 

For more information, please visit: OCG PCNS

Zetetic LLC

SMS Provider for FIM Password Reset Portal

Zetetic's SMS Provider for FIM 2010 R2 is an integrated software plug-in and SMS gateway service for FIM 2010 R2's SMS One-Time Password gate for Self-Service Password Reset.  After (or in place of) answering password reset questions, users will receive a PIN code on their mobile devices that allows them to reset passwords, substantially improving the security model for SSPR.

Extending IAM


Management agents

See the FIM 2010 MAs from partners wiki article.

See Also