Even though Microsoft has repeatedly announced its demise, MIM is still around. Why is it so persistent? Why are organizations continuing to implement MIM?
Over the last 20 years, Microsoft partners such as Oxford Computer Group have implemented MIM for thousands of organizations of all types and sizes. What these organizations have in common is the need to automate manual or semi-manual processes for on-boarding and off-boarding staff, and for managing their identity data. MIM pulls in authoritative data (usually from an HR system) and makes it available in your on-premises directory, like Active Directory (AD), and anywhere else it is needed. Large or growing organizations realize how important it is to have timely and accurate information about their users on which to base decisions (about access, for example), and not to waste administrative effort attempting to maintain it manually.
What’s driving new MIM installations is the ongoing need for reliable, authoritative identity data, made even more important by the rollout of Microsoft Entra services in a Hybrid AD environment
As cloud services such as Microsoft 365 become the norm, timely and accurate identity data is needed here too. In an on-premises environment it is possible to live with sub-optimal systems which are simply unacceptable in the cloud world. For example, you may not be too worried that your AD contains a lot of unused accounts – there is no immediate cost for doing so – and the organizational perimeter provides a deal of security. Such an attitude (inadvisable in any case) cannot be carried over to the cloud. Licences cost money, and there is no cloud perimeter – identity is your only protection. Put rather more crudely, you can’t simply upload your messy AD to Azure AD – it needs to be cleaned up if this hasn’t already been done.
The identity data Microsoft Entra needs in the cloud is often sitting on-premises
Microsoft has invested in its cloud offering – and the result is spectacular. Microsoft’s Entra (which includes Azure AD) is brimming with features to make users productive, while keeping the organization secure and compliant. But that vital identity data is often sitting on-premises, and for all manner of reasons is going to be there for a while. Thus we have “Hybrid AD” – AD on-premises, Azure AD in the cloud, and a free tool from Microsoft to link the two: Azure AD Connect. This all works very well – but can you see the problem?
A new MIM installation may be a small but important part of the overall solution
That data has to be reliable, and if an organization never got around to automated management of AD based on authoritative data (from HR or wherever), it has to do so now. Et voilà! A new MIM installation is born. This is why MIM is still part of the Microsoft offering: it is a good solution until hybrid becomes a thing of the past, which may take some time.
We, at Oxford Computer Group, are all about making the benefits of Microsoft Entra available to our customers. We work with our customers and partners to build solutions that are appropriate to requirements, and future-proof. MIM is often a small, but important, part of the bigger story.
Oxford Computer Group UK is part of an international family of companies that has been helping organizations with identity management across the world for over two decades.
- Our knowledge of MIM is unparalleled – but our expertise extends throughout the Microsoft identity stack, including Entra.
- Our consultants have many decades of Microsoft identity management experience, and offer a safe and expert pair of hands to organizations from all industry sectors.
- Our directors were commissioned by Microsoft to write the training courses for MIM – and the latest versions of these are available from our sister company Oxford Computer Training along with staff mentoring and ad-hoc support services.
This blog is the second in my ‘Why is MIM not going away’ series.