I was getting ready to try out some of the various installation topologies that may be possible with ILM "2" including: separating the Portal and the Service (definitely possible), having two portals point back to the same service (I think it's possible), when I came across the most interesting item in the ILM "2" installation guide in the section on Installing the ILM Service and ILM Portal on separate servers. Let's see if you can spot it too:
On ILM Service server, edit the file
- c:\Program Files\Microsoft Identity Management\Common Services\Microsoft.ResourceManagement.Service.exe.config as follows:
-
<resourceManagementService certificateName="IdentityLifecycleManager2" confirmHumanity="false" servicePrincipalName="IdentityManagementService/computername"/>
-
What in the world can that be about? confirmHumanity="false"? Well at least the coder followed camelCasing so we may have a hint as to the perpetrator's identity -- Jerry Camel have you been doing some work for Microsoft?
Will someone please explain what this means? Is ILM "2" the Terminator? I mean it will deactivate and deprovision your accounts when you leave -- and afterwards it can show that you have been terminated!
We may never know! But comments are welcome.
1 comment:
With Joe's permissions I am posting the comment he attempted to post earlier:
Apologies for spoiling the fun, but the confirm humanity config setting has no effect in ILM “2”.
This config setting is leftover from the early days of the product when we included Captcha support for AuthN. Setting this to true meant that users would go through a Captcha gate during AuthN, much like I had to do when submitting a comment. We removed that feature early on in ILM and omitted cleaning up the default config file. Today if you want a Captcha gate you would have to add a custom AuthN workflow.
Hope that helps,
Joe Schulman
Post a Comment