ADFS 2.0 Attribute Store for FIM

December 5, 2010 at 11:47 AM, Henrik Nilsson

I know, I haven’t been blogging as much as I should, but a lot of work and a whole bunch of interesting development projects have been taking up my time. I’m very pleased that I can finally report that one of these projects has reached its first release on CodePlex.

FIM is of course the ultimate place for attributes to issue as claims using ADFS 2.0 since you typically store attributes from all different kinds of connected directories there. Not only will you be able to issue standard attributes - you can do lookups for groups, sets or roles and publish these as claims as well, perfect for authorization scenarios.

The footprint on ADFS 2.0 is minimal, and it doesn't require more than the usual attribute store configuration. The attribute store also comes with a command-line test client that allows you to get the communication with FIM correct and also enables you to run custom queries against FIM. The test client is pretty much a command-line version of the FIM Query Tool once published by Joe Zamora from Ensynch, except that under the hood it uses the attribute store, which can also be attached directly to ADFS 2.0.

It's currently in Beta so please try it out and report issues to the project page on CodePlex so that I can make it better!

The ADFS 2.0 configuration of the attribute store.


Example output from the Test client.

