Session Abstracts

Directory & Identity Session Abstracts

Following is a sampling of the sessions that will be offered at The Experts Conference for Directory & Identity 2010. We will be adding additional sessions and abstracts as speakers are selected. And you can look forward to seeing the agenda posted at the start of the New Year!

Keynote Session:

Speaker: Conrad Bayer

The Experts Conference for Directory & Identity will be kicked off by Conrad Bayer, director of program management, Active Directory, as well as program management leaders representing the complete Microsoft Identity stack. Join us for a look at the future of Microsoft’s key directory and identity technologies.

Pre-Conference Workshop:

Best Practices for Deploying Windows Server 2008 R2 PKI (Sunday, April 25 | 1pm-5pm)
Speaker:
Brian Komar

Get ready for a hands-on best practices installation of Windows Server 2008 R2 PKI. This half-day workshop will include:

  • Discussions on private key protection for offline and issuing CAs
  • Planning your revocation checking infrastructure
  • Deploying an offline root CA
  • Deploying an online issuing CA
  • Publishing PKI information to Active Directory
  • Using Group Policy to facilitate certificate distribution

Equipment for this workshop will be provided.

Masters of Disaster – Data Recovery in Active Directory
Speakers:
Jorge de Almeida Pinto, Guido Grillenmeier, and Gil Kirkpatrick

After replacing a failed domain controller, the most common recovery task in Active Directory involves restoring deleted or altered data. The process for recovering Active Directory data varies from version to version of Active Directory, and can be surprisingly complicated. In this workshop Jorge de Almeida Pinto, Guido Grillenmeier, and Gil Kirkpatrick will explain the way data is stored in Active Directory, how to properly recover object data from backup, how to reanimate deleted objects, and how to leverage the new Active Directory recycle bin. Equipment for this workshop will be provided.

Masters of Disaster – Service Recovery in Active Directory
Speakers:
Jorge de Almeida Pinto, Guido Grillenmeier, Gil Kirkpatrick

Active Directory is the most critical piece of Windows infrastructure in your environment, and is by design highly reliable and robust. But there are situations that can put your entire Active Directory out of commission and render your Windows network inoperable. How do you recover your entire Active Directory quickly and reliably? Learn from the Masters the different kinds of service failures that can occur in Active Directory, how service recovery works in Active Directory, how to develop an effective backup and recovery plan, and how to restore an entire Active Directory domain and forest from backup. Equipment for this workshop will be provided.

Directory Services Sessions:

ADAM of LDS
Speaker:
Dmitri Gavrilov

This talk by one of ADAM’s creators will touch on rarely discussed areas of ADAM personality, such as user proxies, bindable objects, the minimalistic schema, password policies, and the life without GCs. The talk will examine the principles and aspirations used in the design of this product. If time permits, we’ll also discuss AdamSync.

AD DS, LDS and RODCs on Virtual Server CORE for the Budget Impaired
Speaker: David Jones

Since the recent financial downturn, it has become harder to justify resources and budget for upgrading core infrastructure like Active Directory domain controllers. However, with every passing year support costs for older platforms continue to rise. With the new industry focus on virtualization and new product feature sets, it is now possible to upgrade your infrastructure on a budget. This presentation will focus on low-cost options for upgrading your AD DS, LDS, RODC and DNS server infrastructure on Server CORE and Virtualization and supporting it for the long term.

AD FS Troubleshooting – When The Things That Can Go Wrong, Do
Speaker:
Laura Hunter

Whether you’re trying out AD FS for the first time in a test lab, or you’ve deployed a full-scale production environment, sooner or later you’re going to run into something that’s not working the way it should. Come hear a collection of tips and tricks for troubleshooting Microsoft’s federation technology and its underlying components gleaned from untold hours of suffering mightily under the Iron Fist of PKI, and other common AD FS maladies.

AD Replication Troubleshooting
Speaker:
Sean Deuby

Resolving problems involving replication of objects and attributes between domain controllers can be a tricky and time-consuming effort for AD administrators – especially if it’s not your full-time job. Where do you start your troubleshooting? What areas can you eliminate? This session will focus on a flowchart created using the basic principles outlined in “Flowcharting AD Troubleshooting.” We’ll step through this process to isolate and resolve the most common types of replication problems.

Best Practices in the Active Directory BPA
Speaker:
Dean Wells

Best practices are guidelines that are considered the ideal way – under normal circumstances and as defined by “those in the know” – to configure something. While non-compliance with these best practices (even the critical ones) does not necessarily lead to problems, it serves to highlight configurations that may result in sub-optimal performance, reduced reliability, unexpected or undesirable behaviors, an increased attack surface, or an array of other potential issues. The Best Practices Analyzer for Active Directory Domain Services serves as a one-stop shop for surfacing these potentially harmful misconfigurations. In this session, we will review both the best practices available today and those proposed for the future and engage with the audience as to what represents “best practice” on an item-by-item basis.

Claims Clouds and Cards
Speaker:
Pamela Dingle

Convergence is a lovely thing – Administrators finally have a viable, supported way to replace passwords with tokens – a solution that vastly improves security and is a godsend for compliance. All you need is an STS: a central Security Token Service can be used to manufacture claims containing identity information, and the resulting tokens can be passed via the browser during a single sign-on event with SAML or via web-services behind the scenes. Pamela Dingle from Ping Identity will demonstrate the big picture of how an STS centered architecture can be used to keep your corporate credentials out of the cloud, and how user-centric and social networking requirements are driving Enterprise solution adoption in indirect ways. Lastly, we will give you the scoop on the surprise twist in information cards that has occurred since last year’s TEC conference!

Deploying Read-Only Domain Controllers using Hyper-V and PowerShell
Speaker:
Brandon Shell

In this session we will discuss how to use Windows 2008/2008 R2 to deploy read-only domain controllers using PowerShell. This session will focus on remote office deployments but will be applicable to central offices as well.

Designing/Planning AD Schema Extensions
Speaker:
Brian Desmond

This session examines what makes sense in AD and what doesn’t, shows how to evaluate a proposed schema change and even helps you deal with a fear of schema changes. You’ll learn how to look for attributes that need indexing, how to secure data (such as a confidential flag), and finally, how to carry out a schema change (such as LDIF files vs. something else).

A DS Geek’s Notes from the Field – Active Directory Recovery Unveiled
Speaker:
Ulf B. Simon-Weidner

You’ve got R2 and enabled Recycle-Bin, so no other actions are necessary to prepare for an AD-Recovery? Or you haven’t yet deployed R2 (or switched to the forest-level)? Are you aware that even with today’s possibilities you are not prepared for every scenario? You have to blend in certain features. You also have to manage them and adjust your processes accordingly! This session will give you an insight into experiences and practices from a field perspective about what can go wrong and what you should do to manage and look after AD in a proactive way. In this session, you’ll hear experiences from the field about Active Directory disaster prevention and recovery, along with interesting thoughts, scripts and scenarios. Think beyond and get inspired. This session will move you from the Admins who keep their CV updated in case anything goes wrong to the ones who are prepared instead.

Federated SharePoint
Speaker: Tariq Sharif

As the world grows more connected, demand is increasing for easy, secure ways to collaborate across companies and over the Internet using familiar tools and applications. In this session learn how to collaborate across boundaries using Office, SharePoint, AD FS 2.0, and AD Rights Management Services.

Flying in the Clouds – How MSIT Manages Identity and Authorization with Cloud Services: Azure, Exchange, LiveID, Oh My!
Speaker:
Brian Puhl

What does an Identity Management team do as they watch applications and resources lift off into the sky? Come find out how the Microsoft IT IDM team has been leading through the adoption of Online Services (such as Exchange), integration with Live ID applications, and the mass migration of internal LOB applications to Windows Azure…while trying to maintain their sanity and security.

Generic SSO/IAM Solution Framework for Business Services Companies
Speaker:
Ying Xie

This presentation provides a generic Single Sign-On/Identity and Access Management solution framework for business services companies. Business services companies face some unique challenges not usually found in an Enterprise SSO situation. They usually provide multiple services to multiple clients. These services may be developed over many years and utilize different platforms and technologies. These services normally have their own security models and require separate user credentials to access. Also, many such companies may partner with other service companies to complement their own services. These partner applications may or may not support Single Sign-On or federation. How do such companies provide a Single Sign-On/Identity and Access Management solution across all these clients and internal and external services? This presentation attempts to provide a generic framework that can be implemented on top of commercial SSO/IAM tools.

Hardcore Windows Troubleshooting
Speaker:
Brian Desmond

In many organizations, Active Directory and Exchange support personnel are often the top of the escalation chain for Wintel support in general. In this session we’ll look at a number of scenarios that will demonstrate tried and tested troubleshooting methodologies and toolsets. Many of these scenarios are extremely frequent Wintel problems that are often also frequent PSS calls. This is a demo heavy talk – we’ll use sample applications written specifically for this session as well as data from actual customer issues to troubleshoot live.

Impact of Cloning and Virtualization on AD Domain Services
Speaker: Dean Wells

Customers are looking to fully virtualize their environments including file servers, web servers, DNS servers, and even domain controllers. Although it’s clear that virtualization provides many benefits around management and general cost savings, it is a tool that must be handled with care when used in conjunction with domain controllers. In this session we will review fundamental concepts of Active Directory, the impact of virtualization, and discuss how virtual domain controllers are best deployed and maintained.

In-Depth Look at AdminSDHolder, Protected Groups, and SDPROP
Speaker:
John Policelli

Active Directory includes a number of built-in controls, which collectively provide an additional level of security for members of privileged groups. Even though these controls have been in place since the inaugural release of Active Directory a decade ago, administrators are still impacted by this functionality regularly. In this session, John Policelli will dive into the AdminSDHolder object, Protected Groups, and the Security Descriptor Propagator. Real-world examples, demos, and theory will be used to provide you with a comprehensive understanding of how these built-in controls interoperate and how you can use them to further secure members of privileged Active Directory groups.

Inside Kerberos
Speaker:
Brian Desmond

In this session we’ll discuss how Kerberos and Active Directory integrate as well as how the various Kerberos message sequences which are critical to using AD operate. We will look at the role of the KDC, authentication requests, service tickets, service principal names, etc.

Leverage and Integrate Active Directory in Heterogeneous Environments Using Virtualization
Speaker:
Michel Prompt

Active Directory is the backbone for authentication and authorization across your Microsoft environment. However, there are many cases where you want to use your Active Directory identity, authentication, and groups to secure resources and applications that are not AD-aware. In this session, we will explore these main use cases and look at best practices for using virtualization to leverage your AD infrastructure across non-Microsoft environments.

Locating Domain Controllers for AuthN and SYSVOL/NETLOGON Access
Speaker:
Jorge de Almeida Pinto

This session will focus on locating Active Directory Domain Controllers for two very important processes. The first process is authenticating accounts in AD, followed by the process of accessing data stored on the SYSVOL/NETLOGON shares, such as GPOs and logon scripts. Each purpose uses its own mechanism to locate a domain controller to service the request made. The session will explain how both processes work under the hood and how they interact with each other.

One Identity to Rule Them All
Speaker:
Danny Kim

Identity is an essential element of distributed computing, but navigating the forest of technologies and standards proves to be a complex decision tree of options and scenarios. With the advent of cloud computing and the addition of consumer and unmanaged users to the mix, incorporating federated single sign-on has become a must. This session will cover a cloud computing case study of an identity implementation using Microsoft’s Windows Identity Framework (“Geneva”) that addresses both the consumer case in an emerging market and the corporate scenario in an on-premise cloud. It will show the simplified computing model for developing identity services that is claims-based, cloud-agnostic and Active Directory-integrated.

Operating RODCs in the DMZ – Improvements with Windows Server 2008 R2
Speaker:
Guido Grillenmeier

Windows Server 2008 was the first OS that allowed us to safely deploy RODCs in the DMZ – this approach can help you to reduce the costs of managing multiple AD forests in the DMZ and simplify overall management of the DMZ. It was and is a key reason for HP to leverage RODCs, quite to the surprise of Microsoft at the time. In the meantime, this solution has been embraced by Microsoft and further work has been done in R2 to improve the manageability of this solution. This session will recap where RODCs in the DMZ are a good fit in your enterprise and how the solution has become even more attractive with Windows Server 2008 R2.

Security in Windows Azure
Speaker:
Einar Mykletum

Windows Azure represents Microsoft’s exciting cloud computing offering. In this session we take a closer look at security and compliance concerns related to Azure, as well as cloud computing in general. We’ll become familiar with security features offered by Windows Azure that alleviate some of the security concerns voiced today. We then also share some suggestions about what steps customers can take in order to decide whether or not to host their application(s) and/or data in Windows Azure, as well as their responsibilities when it comes to security in the cloud. We also point out a few aspects that complicate security analysis of Windows Azure and cloud computing services.

Troubleshoot Microsoft Active Directory Federation Services 2.0
Speakers:
Brian Puhl and Femi Aladesulu

Mission-critical services are moving to the cloud, and the dependency on your federation infrastructure is only going to become more critical. Come listen to stories from the trenches, as MSIT engineers talk about their experience deploying and running Active Directory Federation Services 2.0, drill down into some of the common (and uncommon) issues, and find out how to troubleshoot this new service.

Under the Hood: What _Really_ Happens During Critical Active Directory Update Operations
Speaker:
Ulf B. Simon-Weidner

In this session we will take away the fear – or make you really scared: are you fully aware of what “critical” operations in AD really do, especially when migrating your environment? We will look at those operations and look into the details of what they are doing, to distinguish whether they are critical to our environment or not. This session will have many notes from the field, approaches to challenges and scenarios on how to manage the associated risks and prepare for rollback.

Upgrading Domains from Windows Server 2003 to Windows Server 2008+
Speaker:
Robert Nottoli

As a Technology Specialist with Microsoft, Rob Nottoli is asked on a weekly basis by large enterprise customers in the Chicagoland area how to upgrade from Windows Server 2003 Domains to Windows Server 2008+ Domains. This session will go over this very topic. Areas of emphasis will be on the domain upgrade process, new features, top 10 things to consider, and what could break after an upgrade.

Virtualizing Active Directory with Hyper-V and System Center Virtual Machine Manager
Speaker:
Guido Grillenmeier

This session will describe the benefits and the risks of virtualizing AD on Hyper-V from an enterprise deployment of Hyper-V. There are various aspects of virtualization, and of how it may impact the operation of your AD infrastructure, that are critical to understand before making the decision either for or against virtualizing your AD domain controllers. This session will share the experience gained from a large-scale, global Hyper-V deployment, centrally managed through SCVMM, which included the partial virtualization of AD.

Windows Directory Services Futures
Speakers: Robert DeLuca and Dean Wells

Do you want to influence the future of Active Directory? This highly interactive discussion-based session – focused entirely on future product direction – provides a unique opportunity to share real-world requirements, help shape the next releases of Active Directory, and better understand how your priorities align to those of your peers. Members of Microsoft’s Directory Services product team will be on hand to absorb your feedback first-hand and provide insight into the Windows product planning process.

Forefront Identity Manager (FIM) Sessions

Advanced Workflow in FIM 2010 – One Year Later
Speaker:
Jeremy Palenchar

Get ready for an in-depth look at workflows in FIM 2010. Last year, we did self-service password reset using a cell phone. One year later, a lot has been learned about workflows in FIM. We’ll revisit the password reset scenario and examine some common patterns for developing advanced workflows in FIM. Attendees will leave this session with a solid understanding of workflow in FIM 2010 and several examples of Enterprise-class workflows suitable for their environment. Tips for making your workflows manageable, flexible, and scalable will also be given.

Applying Policy Retroactively with FIM 2010
Speaker: Brad Turner

What do you do when you need to apply policy across a subset of users and can’t wait for a new request or set transition? How can you use policy to apply targeted actions or workflows to a set of users? How do you apply that Provisioning Sync Rule you worked so hard to build on all of your pre-existing AD accounts? This session will discuss the finer points of using the Run On Policy Update (ROPU) Workflow feature to solve these problems and discuss common pitfalls. Don’t get roped into a corner, add ROPU as the next tool in your FIM arsenal.

Automating FIM Deployments with Microsoft PowerShell
Speaker:
Craig Martin

In a FIM deployment of any size, administrators will want to automate the management and maintenance of their servers and configuration as much as possible. Come to this interactive and demo-filled session to see real-world examples of PowerShell automation and scripts that you can use to improve your FIM maintenance experience. Whether you are new to the PowerShell “game” or a seasoned pro, you will find tips, tricks, and advice that you can start using right away within your environment.

Certificate Lifecycle Management – A Case Study
Speaker:
Dave Nesbitt

In this session, follow the deployment of Certificate Lifecycle Manager from first concept to final incarnation using a real-world customer case study to lead the way. Along the way we’ll discuss the requirements involved in ensuring a strong underlying infrastructure (if your AD and your PKI aren’t up to snuff, just put the CLM disk away), the process of developing workflows to manage the lifetime of certificates and smart cards, as well as integration points with Identity Lifecycle Manager.

Coding for FIM 2010 (When, Why and How to Write Code for FIM 2010)
Speaker:
Dmitry Kazantsev

The focus of this presentation will be on coding aspects for FIM 2010, including a look at why, when and how you need to write code for certain operations and which operations can be achieved without code. FIM 2010 provides admins with codeless provisioning, but it has also introduced a whole new level of coding complexity. FIM 2010 requires coders to add a new set of knowledge about Windows Workflow Foundation, Web Design, and other areas of the .NET Framework previously untouched by ILM. The session will provide a working demo of code snippets and demonstrate principles of writing and debugging code.

Communicate the Importance of Identity Infrastructure
Speaker:
Kevin Kampman

Communicating the importance of identity infrastructure to meet business objectives can be challenging for IT professionals. While identity management has become integral to business operations, initiatives such as cloud computing and identity services challenge current assumptions about requirements and benefits. In this session, Burton Group will provide insight and recommendations enabling you to provide leadership and articulate the value of identity in today’s dynamic environment.

Custom Workflow Development in FIM 2010
Speaker:
Joe Zamora

Get an in-depth look at the extensibility of Forefront Identity Manager 2010 through the use of custom workflow development. Although FIM 2010 includes a new “codeless provisioning” feature set, you’ll find that you can’t quite satisfy all real-world business requirements with codeless provisioning. Learn how to tap into the power of FIM’s new request framework that’s built on Windows Workflow Foundation. Overcome the first hurdle of custom development by demystifying the process and discovering what resources are available. Learn the tools of the trade, ins and outs, gotchas, and hidden gems of workflow development. Finally, bring it all together with a demonstration of a custom workflow that’s already available to the community.

Designing Your First FIM 2010 Solution (Creating Solutions for FIM 2010 with ILM 2007 Experience in Mind)
Speaker: Dmitry Kazantsev

This session will concentrate on design differences between FIM 2010 and ILM 2007/MIIS 2003. The new product introduced a significant shift in design and therefore requires a new set of skills. Creating a new solution on the FIM platform with an ILM mindset could doom the project. Thinking in the new terms is a requirement; however, the Sync Engine (MIIS/ILM) is still at the core of FIM 2010, and previously gained knowledge should be used in new and creative ways. The session will demonstrate design differences between MIIS/ILM solutions and FIM and will provide comparative analysis between products, which should allow system admins to make more intelligent choices when designing new solutions.

The Dream and the Reality of Friction-Free Federation
Speaker:
Joe Kaplan

It is clear that technologies like AD FS enable whole new ways to extend the value of our investments in our directories and provisioning systems. We can now federate with our vendors, partners and clients to allow web single sign-on across organizational boundaries. Setting up AD FS does not seem so difficult and, in reality, it is not. Deploy a few servers, click a few buttons and you are all set, right? Maybe not quite. The session will draw from examples collected over several years of running an actual AD FS system in a large IT organization. In addition to presenting useful tools, tips and strategies, the session will also encourage interaction and discussion. Attendees should gain a realistic idea of what types of things they may wish to consider in order to be more successful, while at the same time hopefully having many of their fears of federation alleviated.

Extending Certificate Enrollment Beyond Your Forest with Windows Clients
Speaker:
Brian Komar

Windows Server R2 introduces two new features that can help you streamline your PKI and reduce the costs associated with your PKI. The first new feature is the ability to issue certificates from a CA in a resource forest to users and computers in account forests. The session will discuss the requirements to enable cross-forest enrollment, demonstrate the configuration, and discuss migration strategies from your existing PKI. The second new feature involves the two new Role Services in Active Directory Certificate Services: Certificate Enrollment Web Service and Certificate Enrollment Policy Web Service. These two role services open the possibility of autoenrollment of certificates to non-Windows devices (such as Linux workstations) by using HTTP as the enrollment protocol. The session also will look at how the HTTP-based enrollment works, how you define policies for enrollment, and discuss the implications of enabling HTTP-based enrollment.

Federated SSO Solutions Using SharePoint 2010
Speakers:
Chris Calderon and Jeff Holliday

In the world of on premise and hosted “cloud based” solutions, how can you best simplify your coexistence strategy? Attend this session presented by Ensynch’s Identity Management and SharePoint teams to see how the combined knowledge of each practice helped shape one of the most robust methods for you to enable Single Sign On for your on premise and cloud based apps.

Federation – The Last Mile
Speaker:
Dave Jones

When implementing federation and SSO to the Cloud and from your customers and partners into services your business offers, it’s that last mile integration that can cause the most fear, uncertainty and doubt.

To make things more complicated, this last mile integration is no longer limited to one technology domain. It now spans directory services provisioning, involves exchanging incompatible tokens on the fly between authentication systems, and requires passing credentials securely from application to application on behalf of users, all after starting out with installing third-party software on your web and application servers. Put all that together and what would be simple problems can quickly escalate into large ones.

This presentation will dive into detailed configuration and troubleshooting examples of real world lessons learned at a large hardware and software company bringing all these varied technologies in line to make end to end Federation work. The goal of sharing these lessons learned and best practices is to help other corporations and small to medium enterprises avoid the same pitfalls and further the knowledgebase of this growing area in our industry.

FIM 2010 Performance Tuning (SQL and more)
Speaker:
David Lundell

Learn how to tune FIM 2010 to make it scream. Take a look at the various architectures and what they buy you. Learn how crucial SQL is to FIM performance and what to do about it. You’ll also learn tips for workflows and the FIM web service and receive a crash course in SQL Server optimization.

Forefront Identity Manager 2010: Customer Focused Design Session
Speakers: Robert DeLuca and Jack Kabat

Help improve the next version of FIM! Attend this session with customer requirements you would like the FIM team to consider for future releases. The structure of the session is based on the requirements-gathering phase of Customer Focused Design (CFD) and will be highly interactive. Participants can vote and provide feedback in prioritizing requirements gathered the following day, and are encouraged to attend the separate results session.

Forefront Identity Manager 2010: Deploying FIM
Speaker: Jack Kabat

Forefront Identity Manager (FIM) is a powerful platform which can satisfy many customer requirements for identity and access management. This session covers capacity planning, project planning, tips for managing SQL Server, and best practice configurations from the product team. This session is appropriate for attendees already familiar with FIM.

Forefront Identity Manager 2010: Modeling Entitlements in FIM
Speaker: Jack Kabat

Mapping customer requirements to FIM policy often requires deliberate planning. Hear what the product team thinks about modeling entitlements with Transition Management Policy Rules and Workflow activities. Key considerations of the FIM architecture will be covered and common questions like “Roles” and access entitlements answered. The beginning of this session will include the results of the product team’s CFD.

Forefront Identity Manager Roadmap
Speaker: Fred Delombaerde

This session offers a look into the upcoming evolution of Forefront Identity Manager. Join us for this popular session and be among the first to hear the news direct from the product team.

How to Migrate from a Custom Group Application to FIM 2010!
Speaker:
Joel Silver

Here is the story of how a large custom group application was migrated to FIM 2010. It is a great story that describes not only the technical details of how the migration was completed but also how the business with so many groups was able to make the smooth transition from a very entrenched system to a new system. How did we do this? How could we set so many groups for migration while they are being used? How could we train the user base to use a new tool? What were the problems? What can you learn from this? Come find out.

How to Not Screw Up Your PKI Development
Speaker:
Brian Komar

If you want to learn from the mistakes made by others, this is the session for you. The session will look at the Top 10 most common mistakes made when deploying a PKI in your network.

Logging and Auditing in FIM 2010
Speakers:
Jeremy Palenchar and Gil Kirkpatrick

FIM provides a rich logging and auditing architecture out of the box. However, accessing this information can be tricky. In this session, we will present a methodology and the source code necessary to extract the logging and auditing information from the FIM system and store it in a user-friendly data warehouse. The solution leverages the ILM Sync engine and SQL Reporting Services so it will be easy to integrate into any FIM solution. This session promises to take logging and auditing from boring and painful to fun and easy.

Proper Care and Feeding of Your Databases: FIM, ILM, CLM, RMS, SharePoint and OCS
Speaker:
David Lundell

Without proper care and feeding of your databases (FIM Meta Directory Services, FIM Certificate Services, FIM Web Service, RMS, SharePoint and OCS logging), chaos will result. Learn to conquer the chaos as David Lundell, SQL expert and ILM/FIM MVP, teaches you appropriate backup strategies, database and index maintenance tactics, and performance optimization tricks including guidance on fillfactor settings for SharePoint. You will also receive a crash course in the SQL Transaction Log, SQL Recovery Models, Database Maintenance Plans, Index Optimization, SQL Backups, and SQL Agent Jobs.

Roles and Attestation with FIM
Speaker: Dave Nesbitt

As Identity Lifecycle Management deployments mature, the next step toward Identity Nirvana is getting hold of the many permissions and roles that are loose within your environment. This session will clarify the concept of roles, show how FIM can be extended to handle roles, show ways of building a role model, and then also consider how FIM might be used for Attestation – a key component of Governance, Risk and Compliance (GRC).

SPNEGO – An Italian Dish or Something More Important?
Speaker:
Jackson Shaw

Every day Windows users sit down to a buffet of single sign-on technologies that they take for granted. In this session we’ll drill down into Kerberos, SPNEGO, S4U and other related technologies to provide you with understanding of how all these pieces of technology work together to enable that single sign-on that we all take for granted. We’ll follow that with a discussion of the technical difficulties that must be overcome in other platforms to enable a broader, more cohesive single sign-on strategy that extends out to other platforms (Unix, Linux, Java, AS/400, etc) and applications (SAP, DB2, Documentum, etc).

Using DFS and GPO in ILM High Availability Scenarios
Speaker:
Brad Turner

This presentation will demonstrate how ILM Architects, Engineers, and Administrators can leverage Active Directory Distributed File System (DFS) to replicate solution content between the primary ILM server and the warm-standby server as well as Group Policy Preferences to deploy scheduled tasks. Solution content is typically any of the following file information used in an ILM solution: MAData, Run Profile automation scripts, and dependent code libraries. Setup and configuration of DFS & GPO Preferences for a Windows 2008 AD environment will be covered in a live demo.

Virtual Directories and FIM: A Match Made in Heaven?
Speaker:
Antonio Navarro

Join us as we explore the synergies and overlaps of Forefront Identity Manager and Virtual Directories.

Where’s My Password – FIM, PCNS, and Windows Services
Speaker:
Rob Allen

Let’s roll up our sleeves and dig into utilizing PCNS, FIM events, and Windows Services to create an enterprise solution that notifies your end users about PCNS Down-Level activity on their “joined” target identities. In large environments it’s common for an end user to have 15 to 20 down-level password synchronization targets. Does your user know if all were successful before trying to log in? Let’s be proactive and share some field findings…

What in the WSDL? Web Services Management Agents for FIM
Speaker:
Rob Allen

You land a contract for a corporation that has gone Web Service crazy, and the need to tightly integrate FIM and this mystery service has become critical. We will dive into the method behind the madness and show how to quickly gather data types and requirements, better understand the target web service, and efficiently deploy an ECMA. Join this session to demystify web services as a tightly integrated component of your FIM deployments.