Step 7: Perform postinstallation tasks

  • Article

 

Applies To: Forefront Identity Manager

In this step, you configure the servers in the test lab to prepare them for the test lab scenario. This configuration consists of the following tasks:

  • Install Microsoft Visual Studio

  • Create an organizational unit in Active Directory to hold objects maintained by BHOLD.

  • Add registry entries on FIM1

  • Add attributes to the BHOLD Core user object type

Install Visual Studio 2012 on FIM1

Later in the test lab guide, you will be required to create a Forefront Identity Manager 2010 (FIM) metaverse rules extension dynamic-link library. To accomplish this, you must have installed Microsoft Visual Studio on FIM1. Microsoft Visual Studio 2012 Professional is recommended.

To install Microsoft Visual Studio 2012 Professional

  1. Log on to FIM1 as CORP\Administrator.

  2. Navigate to the folder that contains the setup files for Microsoft Visual Studio 2012 Professional and double-click vs_professional.exe.

  3. On the first screen, select the I agree to the License terms and conditions check box, and then click Next.

  4. On the next screen, clear the Select All check box, and then click Install. Installation will take several minutes.

  5. When setup is complete, click Launch.

  6. In the Choose Default Environment Settings dialog box, click Visual Basic Development Settings, and then click Start Visual Studio.

  7. Close Visual Studio and log off FIM1.

Create the FIMManaged organizational unit in Active Directory

Creating a dedicated organizational unit to hold the users and groups that will be managed by BHOLD and FIM makes it easier to isolate those objects from other objects maintained by Active Directory Domain Services.

To create the FIMManaged organizational unit

  1. Log on to DC1 as CORP\Administrator.

  2. Click Start, point to Administrative Tools, and then click Active Directory Users and Computers.

  3. In Active Directory Users and Computers, right-click corp.contoso.com, point to New, and then click Organizational Unit.

  4. In the New Object – Organizational Unit dialog box, type FIMManaged, and then click OK.

  5. Close Active Directory Users and Computers, and then log off DC1.

Add registry entries on FIM1

The metaverse rules extension relies on a registry entry that specifies the Active Directory Domain Services domain.

Warning

Incorrectly editing the registry may severely damage your system. Before making changes to the registry, you should back up any valued data.

To specify the domain in the registry

  1. Log on to FIM1 as CORP\Administrator.

  2. Click Start, type regedit, and then press the Enter key.

  3. In Registry Editor, navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\bhold.

  4. Right-click b1Core, point to New, and then click String Value

  5. Type DomainName, and then press the Enter key twice.

  6. Type dc=corp,dc=contoso,dc=com, and then click OK.

  7. Close Registry Editor.

The test lab guide scenario demonstrates how BHOLD Core can be configured to manage roles based on user attributes. To enable this, you modify a registry entry to specify the user attribute and a role-name prefix that will identify the role as a user attribute–based role.

To configure the registry to support attribute-based roles

  1. Log on to FIM1 as CORP\Administrator.

  2. Click Start, type regedit, and then press the Enter key.

  3. In Registry Editor, navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\bhold\b1core.

  4. In the right pane, right-click b1ManagedAttributeRoles, and then click Modify.

  5. In the Edit String dialog box, type JobTitle,JT-;, and then click OK.

  6. Close Registry Editor.

Add an attribute to the BHOLD Core user object type

By default, the BHOLD Core user object type does not have an attribute for storing the user’s domain. The test lab guide scenario requires this attribute, so you must add it.

To add attributes to the user object type

  1. Log on to FIM1 as CORP\Administrator.

  2. Click Start, click All Programs, and then click Internet Explorer.

  3. In the Internet Explorer address bar, type https://FIM1:5151/BHOLD/Core, and then press the Enter key.

    Tip

    Instead of opening Internet Explorer and typing the URL, you can double-click the Microsoft BHOLD Suite – Core shortcut that was added to your desktop when you installed BHOLD Core.

  4. In the left pane, click Attribute Types.

  5. On the Attribute types page, click Add.

  6. On the Add attribute type page, in Identity, type JobTitle, in Maximum length, type 25, and then in English, type Job Title, and then click OK

  7. In the left pane, click Attribute type sets.

  8. On the Attribute type sets page, click Common user attributes.

  9. On the Attribute type set/Common User Attributes page, expand Attribute types, and then click Modify.

  10. On the Attribute types of attribute type set/Common User Attributes page, in the Attribute type list, click bholdDomain, and then click Add.

  11. In the Attribute type list, click JobTitle, click Add, and then click Done.

  12. Close Internet Explorer, and then restart the FIM1 server.

Next step

To continue building the Access Management Connector test lab, see Step 8: Create a sample HR database.