+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 18
Internet Related/Filtering/Firewall Thread, Automatic Sync of AD and Live@edu username AND passwords in Technical; ...
  1. #1

    Join Date
    Jun 2009
    Location
    Birmingham
    Posts
    600
    Thank Post
    92
    Thanked 72 Times in 64 Posts
    Rep Power
    24

    Automatic Sync of AD and Live@edu username AND passwords

    Hi,

    I'm trying to decide what is the simplest way of implementing the syncing of user names and passwords between AD and Live@edu. Originally I was looking at ILM, but that appears to have been discontinued and replaced with Forefront Identity Manager 2010, which is £1895 for the licence and another £2.60 per cal, which seems a crazy number to me.

    Is there anyway of doing it with scripts?

    Regards
    Rich

  2. #2

    Join Date
    Jun 2008
    Location
    Kensington, London
    Posts
    372
    Thank Post
    59
    Thanked 36 Times in 32 Posts
    Rep Power
    31
    there should be a special educational licence that only lets you use FIM just for live@edu stuff (or at least there was for ILM)

  3. #3

    AngryTechnician's Avatar
    Join Date
    Oct 2008
    Posts
    3,730
    Thank Post
    698
    Thanked 1,212 Times in 761 Posts
    Rep Power
    394
    According to Microsoft's Live@edu specialists, ILM 2007 is still the one to use, but like you I'm having trouble getting quotes for it because all the resellers think they should be selling FIM which has a completely different licence model, and has no education version. Will let you know if and when someone gets back to me with an SKU!

  4. #4

    Join Date
    Jun 2009
    Location
    Birmingham
    Posts
    600
    Thank Post
    92
    Thanked 72 Times in 64 Posts
    Rep Power
    24
    Yes there used to be a discount for ILM but Forefront is the only one that I can get a price for.

    This might sounds stupid but Forefront Threat Management Gateway is a completely different product isn't it? Only ask because our reseller seems to think it might be similar to ILM and is only £223 per processor licence.

  5. #5

    AngryTechnician's Avatar
    Join Date
    Oct 2008
    Posts
    3,730
    Thank Post
    698
    Thanked 1,212 Times in 761 Posts
    Rep Power
    394
    Forefront Threat Management Gateway is a completely different product. The problem with a lot of Microsoft resellers is they really don't know the (increasingly complicated) product catalogue very well and they get stumped by any request that is remotely out of the ordinary.

    I have been assured by Microsoft that is still possible to buy ILM, so I am still pursuing that at present.

  6. #6
    gshaw's Avatar
    Join Date
    Sep 2007
    Location
    Essex
    Posts
    2,656
    Thank Post
    164
    Thanked 220 Times in 203 Posts
    Rep Power
    67
    Yup ILM is the only way as it stands as the agent hasn't been rewritten for FIM.

    There's a big suite of Forefront-branded products now but the some of the names don't always make it obvious what they do at first glance

    One thing with the password sync... it's only password changes so if you issue an initial password to users it won't work on Live@Edu until it's been changed on the network.

  7. 2 Thanks to gshaw:

    RabbieBurns (14th December 2010), Tricky_Dicky (14th December 2010)

  8. #7

    RabbieBurns's Avatar
    Join Date
    Apr 2008
    Location
    Sydney
    Posts
    5,521
    Thank Post
    1,333
    Thanked 469 Times in 306 Posts
    Blog Entries
    6
    Rep Power
    199
    Cant really add anything else, gshaw's post covers everything you need to know...

  9. #8

    Join Date
    Jun 2009
    Location
    Birmingham
    Posts
    600
    Thank Post
    92
    Thanked 72 Times in 64 Posts
    Rep Power
    24
    Thanks for the info guys. I'm still having trouble getting a copy though.

    I can buy the physical media but the licencing is raving money. Can anyone recommend some where that I can purchase it from and an idea of cost.

    Rich

  10. #9

    RabbieBurns's Avatar
    Join Date
    Apr 2008
    Location
    Sydney
    Posts
    5,521
    Thank Post
    1,333
    Thanked 469 Times in 306 Posts
    Blog Entries
    6
    Rep Power
    199
    Try posting in the Suppliers forum, perhaps some of them have a clue about MS .edu licensing?

    Basically the ILM license for live@edu restricts you to use ILM for the sole purpose of live@edu and you cannot use it.

    We paid $200AU for it. Not really useful to give you my suppliers I guess.. Perhaps PM the Ray guy from MS who posts here..

  11. #10

    Join Date
    Jun 2009
    Location
    Birmingham
    Posts
    600
    Thank Post
    92
    Thanked 72 Times in 64 Posts
    Rep Power
    24
    Have found a supplier. Tempus will do it for £235.

  12. 2 Thanks to Tricky_Dicky:

    AngryTechnician (15th December 2010), PiqueABoo (15th December 2010)

  13. #11

    Join Date
    Jan 2006
    Location
    Surburbia
    Posts
    2,178
    Thank Post
    74
    Thanked 307 Times in 243 Posts
    Rep Power
    115
    I'm hoovering up real info so thanks for posting that price.

    Is there anyway of doing it with scripts?
    FWIW I thought about this and it will always take code: You have to make some kind of PasswordChangeNotify() agent DLL to run on each DC to capture passwords when they are changed and safely put them somewhere central for later use - presumably that's what ILM does for you. Then you've got to make the app to talk to AD, that changed password store and sync Live@Edu - which is presumably what OLSync does. A fair bit of work to make it seriously robust, and all in all a couple of hundred quid for MS to carry-the-can seems much easier.

    I'm still thinking about the viability of making some app to do syncing that doesn't involve (require) passwords for a shared address space scenario i.e. just needs to make [unmake] mailboxes and mail-users at one end or the other.

    --

    Dear folk who have ILM in production,

    What are the general ILM overheads like i.e. if you had to squish it onto an existing server how much would that hurt? I'm assuming the SQL instance doesn't hold much data and isn't too big, is that the case? Or if you've made a dedicated VM for it, what kind of "size" is it (+rough number of AD accounts)?

  14. #12

    AngryTechnician's Avatar
    Join Date
    Oct 2008
    Posts
    3,730
    Thank Post
    698
    Thanked 1,212 Times in 761 Posts
    Rep Power
    394
    Quote Originally Posted by Tricky_Dicky View Post
    Have found a supplier. Tempus will do it for £235.
    Don't suppose you could post the SKU number of what they quoted could you?

  15. #13

    RabbieBurns's Avatar
    Join Date
    Apr 2008
    Location
    Sydney
    Posts
    5,521
    Thank Post
    1,333
    Thanked 469 Times in 306 Posts
    Blog Entries
    6
    Rep Power
    199
    I run ILM and SQL on a virtual server each, 1gb ram and about 80gb disk.. overkill with the HDD space I reckon.. MS recommended best practice is to have ILM and SQL sitting on the same server, but at out 2500 users theres no delay or lag..

    What would be nice though, talking of writing custom software, would be a Exchange Managment Conslole equivelent front end, for managing it. ILM takes care of accounts and password creation / sync, but the web based control panel of live@edu is very limited. If you want to make changes which are not available in the web gui, you have to resort to powershell.

    So if anyone wants to write a EMC style frontend for live@edu, please do!

  16. Thanks to RabbieBurns from:

    PiqueABoo (15th December 2010)

  17. #14

    RabbieBurns's Avatar
    Join Date
    Apr 2008
    Location
    Sydney
    Posts
    5,521
    Thank Post
    1,333
    Thanked 469 Times in 306 Posts
    Blog Entries
    6
    Rep Power
    199
    Quote Originally Posted by AngryTechnician View Post
    Don't suppose you could post the SKU number of what they quoted could you?
    Code:
    4GN-00080 	ILMSvr ALNG LicSAPk MVL Live
    taken from our licensing docs, not sure if thats what your afteR?

  18. Thanks to RabbieBurns from:

    AngryTechnician (16th December 2010)

  19. #15

    Join Date
    Jun 2009
    Location
    Birmingham
    Posts
    600
    Thank Post
    92
    Thanked 72 Times in 64 Posts
    Rep Power
    24
    Quote Originally Posted by AngryTechnician View Post
    Don't suppose you could post the SKU number of what they quoted could you?
    I don't I'm afraid.

    Going to get this and put it on a standard server and get working. It's a shame it can't do the initial sync with passwords. It isn't a problem for the teachers but will make it trickier for the kids.

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. live@edu and ILM to sync passwords
    By RabbieBurns in forum How do you do....it?
    Replies: 49
    Last Post: 28th February 2012, 11:17 PM
  2. Replies: 6
    Last Post: 31st May 2011, 08:05 AM
  3. Outlook Live (Live@EDU) issue
    By mbedford in forum Office Software
    Replies: 3
    Last Post: 25th October 2010, 05:01 PM
  4. Automatic logoff
    By subjones in forum How do you do....it?
    Replies: 11
    Last Post: 26th March 2010, 04:02 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •