Step 7: Perform postinstallation tasks
Applies To: Forefront Identity Manager
In this step, you configure the servers in the test lab to prepare them for the test lab scenario. This configuration consists of the following tasks:
Install Microsoft Visual Studio
Create an organizational unit in Active Directory to hold objects maintained by BHOLD.
Add registry entries on FIM1
Add attributes to the BHOLD Core user object type
Install Visual Studio 2012 on FIM1
Later in the test lab guide, you will be required to create a Forefront Identity Manager 2010 (FIM) metaverse rules extension dynamic-link library. To accomplish this, you must have installed Microsoft Visual Studio on FIM1. Microsoft Visual Studio 2012 Professional is recommended.
To install Microsoft Visual Studio 2012 Professional
Log on to FIM1 as CORP\Administrator.
Navigate to the folder that contains the setup files for Microsoft Visual Studio 2012 Professional and double-click vs_professional.exe.
On the first screen, select the I agree to the License terms and conditions check box, and then click Next.
On the next screen, clear the Select All check box, and then click Install. Installation will take several minutes.
When setup is complete, click Launch.
In the Choose Default Environment Settings dialog box, click Visual Basic Development Settings, and then click Start Visual Studio.
Close Visual Studio and log off FIM1.
Create the FIMManaged organizational unit in Active Directory
Creating a dedicated organizational unit to hold the users and groups that will be managed by BHOLD and FIM makes it easier to isolate those objects from other objects maintained by Active Directory Domain Services.
To create the FIMManaged organizational unit
Log on to DC1 as CORP\Administrator.
Click Start, point to Administrative Tools, and then click Active Directory Users and Computers.
In Active Directory Users and Computers, right-click corp.contoso.com, point to New, and then click Organizational Unit.
In the New Object – Organizational Unit dialog box, type
FIMManaged
, and then click OK.Close Active Directory Users and Computers, and then log off DC1.
Add registry entries on FIM1
The metaverse rules extension relies on a registry entry that specifies the Active Directory Domain Services domain.
Warning
Incorrectly editing the registry may severely damage your system. Before making changes to the registry, you should back up any valued data.
To specify the domain in the registry
Log on to FIM1 as CORP\Administrator.
Click Start, type
regedit
, and then press the Enter key.In Registry Editor, navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\bhold.
Right-click b1Core, point to New, and then click String Value
Type
DomainName
, and then press the Enter key twice.Type
dc=corp,dc=contoso,dc=com
, and then click OK.Close Registry Editor.
The test lab guide scenario demonstrates how BHOLD Core can be configured to manage roles based on user attributes. To enable this, you modify a registry entry to specify the user attribute and a role-name prefix that will identify the role as a user attribute–based role.
To configure the registry to support attribute-based roles
Log on to FIM1 as CORP\Administrator.
Click Start, type
regedit
, and then press the Enter key.In Registry Editor, navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\bhold\b1core.
In the right pane, right-click b1ManagedAttributeRoles, and then click Modify.
In the Edit String dialog box, type
JobTitle,JT-;
, and then click OK.Close Registry Editor.
Add an attribute to the BHOLD Core user object type
By default, the BHOLD Core user object type does not have an attribute for storing the user’s domain. The test lab guide scenario requires this attribute, so you must add it.
To add attributes to the user object type
Log on to FIM1 as CORP\Administrator.
Click Start, click All Programs, and then click Internet Explorer.
In the Internet Explorer address bar, type
https://FIM1:5151/BHOLD/Core
, and then press the Enter key.Tip
Instead of opening Internet Explorer and typing the URL, you can double-click the Microsoft BHOLD Suite – Core shortcut that was added to your desktop when you installed BHOLD Core.
In the left pane, click Attribute Types.
On the Attribute types page, click Add.
On the Add attribute type page, in Identity, type
JobTitle
, in Maximum length, type25
, and then in English, type Job Title, and then click OKIn the left pane, click Attribute type sets.
On the Attribute type sets page, click Common user attributes.
On the Attribute type set/Common User Attributes page, expand Attribute types, and then click Modify.
On the Attribute types of attribute type set/Common User Attributes page, in the Attribute type list, click bholdDomain, and then click Add.
In the Attribute type list, click JobTitle, click Add, and then click Done.
Close Internet Explorer, and then restart the FIM1 server.
Next step
To continue building the Access Management Connector test lab, see Step 8: Create a sample HR database.