
This is a directional view into the Microsoft Identity Manager investments. Dates and capabilities are subject to change.
Disclaimer
The following slides contain preliminary information that may be changed substantially prior to final commercial release of the software described herein.
The information contained represents the current view of Microsoft Corporation on the issues discussed as of the date of the presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information presented after the date of the presentation.
This presentation is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THE ROADMAP PORTION OF THIS PRESENTATION.
Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this presentation. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this information does not give you any license to these patents, trademarks, copyrights, or other intellectual property.
© 2014 Microsoft Corporation. All rights reserved.
Empowering people-centric IT
Unified device management
Desktop Virtualization
Hybrid Identity
Access and information protection
Hybrid Identity Management
Identity And Access Delivered
Azure Active Directory
• Provides a rich standards-based platform for developing applications
• Includes user provisioning and SSO to Microsoft Online Services and third-party SaaS
• Adds enterprise features, including self-service and security reports, for cloud-managed resources
• Includes Multi-Factor Authentication, and server and user CALs for on-premises Identity Manager
Windows Server
• Active Directory is the primary auth source for >90% of customers
• Active Directory Federation Services with integrated MFA
• Web Application Proxy for pre-auth at the edge
• Enforce conditional access to resources
Identity Manager
• Delivers self-service identity management
• Automates lifecycle management across heterogeneous platforms
• Provides a rich policy framework for enforcing corporate security policies for identity and access
Identity And Access Management Scenarios
Meet governance goals
Reduce IT burden
• Integrated identity lifecycle management
• Hybrid identity synchronization across on-premises and cloud applications
• Self-service credential management
• Delegated group and access management with approvals and attestation
Enterprise security
• Certificate and smartcard management
• Role-based access provisioning
Our approach to Identity Manager vNext
Forward looking
Lead with forward-looking, modern scenarios that are focused on our customers' emerging needs and the cloud and mobile worlds that our customers are looking to adopt and manage
Hybrid connections
Connect the on-premises identity and access management capabilities to cloud-based services including Azure Active Directory, Office 365 and a range of third-party SaaS applications
Easy to deploy
Focus on new scenarios, delivering complete and powerful solutions that are easy to adopt and customize, while continuing to evolve existing identity and access management features
Modernize the IAM Experiences
Privileged Access Management
Hybrid Integration
Identity Manager vNext Investments Summary
Modernize
Privileged Access Mgmt.
Hybrid scenarios*
Recent platform versions supported
Privileged user and account discovery
Self-service password reset with MFA
Easy to integrate APIs
Improved protection of privileged access
Integration with SaaS HCM (HR) apps
Modern user interfaces
Self-service account unlock
Multi-forest Certificate Management
Just In Time (JIT) admin access controls
Auditing, including alerts & reports
Easy-to-deploy reporting
Additional reports
* Some features may require a subscription to Microsoft Azure services
Identity Manager Timelines and Deliverables
January 2013: FIM 2010 R2 SP1
Mid 2015: Identity Manager
H1 2016: Identity Manager post-vNext updates
Identity Manager Roadmap (beyond vNext)
Modernize
Privileged Access Mgmt.
Hybrid scenarios*
Virtual smartcard management
Threat detection, analytics and alerting
Continued integration with Office 365 and Azure capabilities
Just-in-time access experiences for users in non-administrator roles
Role management, mining and access recertification for SaaS
Management in application and non-interactive access scenarios
Identity and access management for external users
Extension to non-AD-based applications
Cross-organization access management
Constrained delegation of privilege administration and use
REST API and claims-based authentication for cloud apps
Additional operational and audit reports
Flexible workflow policies including org-structure based approvals
Credential management for emerging credential types
Continued updates for compliance and governance
* Some features may require a subscription to Microsoft Azure services
Next Steps
http://support.microsoft.com/kb/2772429/en-us
http://aka.ms/recl8c
Learn more
http://aka.ms/HybridIdentity
http://aka.ms/IdentityManager
http://aka.ms/fim2010forum
http://blogs.technet.com/b/ad/
Session | Title | Timeslot
DCIM-B382 | Cloud Identity and Access Management: Microsoft Azure Active Directory Premium | Tuesday, May 13 10:15 AM - 11:30 AM
FDN02 | Enabling Enterprise Mobility with Windows Intune, Microsoft Azure, and Windows Server | Monday, May 12 11:00 AM - 12:00 PM
PCIT-B212 | Design Considerations for BYOD | Tuesday, May 13 10:15 AM - 11:30 AM
PCIT-B213 | Access Control in BYOD and Directory Integration in a Hybrid Identity Infrastructure | Wednesday, May 14 3:15 PM - 4:30 PM
PCIT-B310 | Empowering Your Users and Protecting Your Corporate Data | Monday, May 12 1:15 PM - 2:30 PM
PCIT-B313 | Hybrid Identity: Extending Active Directory to the Cloud | Monday, May 12 4:45 PM - 6:00 PM
PCIT-B314 | Understanding Microsoft’s BYOD Strategy and an Introduction to New Capabilities in Windows Server 2012 R2 | Tuesday, May 13 8:30 AM - 9:45 AM
PCIT-B321 | Deploying the New RMS for Cloud-Friendly and Cloud-Reluctant Customers | Tuesday, May 13 5:00 PM - 6:15 PM
PCIT-B322 | Deploying and Managing Work Folders | Wednesday, May 14 10:15 AM - 11:30 AM
PCIT-B324 | How to Rapidly Design and Deploy an Active Directory Federation Services Farm: The Do's and the Don'ts | Wednesday, May 14 8:30 AM - 9:45 AM
PCIT-B326 | Providing SaaS Single Sign-on with Microsoft Azure Active Directory | Thursday, May 15 10:15 AM - 11:30 AM
PCIT-B327 | Introducing Web Application Proxy in Windows Server 2012 R2: Enable Work from Anywhere | Wednesday, May 14 3:15 PM - 4:30 PM
PCIT-B328 | Microsoft Identity Manager vNext Overview | Wednesday, May 14 5:00 PM - 6:15 PM
PCIT-B330 | Active Directory + BYOD = Peace of Mind | Thursday, May 15 8:30 AM - 9:45 AM
Hybrid Identity
http://aka.ms/hybrididentity
Access & Information Protection
http://aka.ms/aip
Windows Server 2012 R2
http://aka.ms/ws2012r2
Azure Active Directory
http://aka.ms/azureactivedirectory
Identity Manager
http://aka.ms/identitymanager
Hybrid Identity Whitepaper
http://aka.ms/hybrididentitywp
Hybrid Identity Datasheet
http://aka.ms/hybrididentityds
Active Directory Deployment and Management Enhancements
http://go.microsoft.com/?linkid=9838440
Enabling Secure Remote Users with RemoteApp, DirectAccess and DAC
http://go.microsoft.com/?linkid=9838462
Migrating Active Directory to Windows Server 2012 R2
http://go.microsoft.com/?linkid=9842894
Implementing a Basic PKI in Windows Server 2012 R2
http://go.microsoft.com/?linkid=9842895
Windows Server 2012 R2: New Features in AD FS
http://go.microsoft.com/?linkid=9842896
Workplace Join
http://go.microsoft.com/?linkid=9836553
Work Folders
http://go.microsoft.com/?linkid=9839828
AD FS and Claims apps
http://go.microsoft.com/?linkid=9836552
http://channel9.msdn.com/Events/TechEd
www.microsoft.com/learning
http://microsoft.com/technet
http://microsoft.com/msdn