Folks: We are examining the Forefront Identity Product to see if it can compete against Novell's IDM product for synching of Novell eDirectory 8.8 (Netware kernel) and AD. I have tried the 2007 ILM product and it did NOT support Edirectory 8.8. I was told by my reseller to check out the FF 2010 product to see if it works with eDir 8.8 and it does not. I get "The specified server is not running eDirectory 8.6.2 or 8.6.7" when I try to configure the Management Agent How the devil can we get eDirectory 8.8 support in a Microsoft ILM product? I have a mandate to move away from eDirectory but it is not going to happen overnight.

According to this page "http://www.microsoft.com/forefront/identitymanager/en/us/faq.aspx" the following is supported by the RTM version of FIM2010:Novell eDirectory - v8.7.3, v8.8Expand the "Q. What Management Agents for connecting to other directories and systems are available?" question.

Both ILM2007 and FIM2010 can connect to eDir 8.8. There are some additional steps you have to take:Connect to your eDir as any user. In the RootDSE you should find a vendorVersion attribute.Then create the following registry key:HKLM/System/CurrentControlSet/Services/FIMSynchronizationService/Parameters/eDirectoryMASupportedServers Reg_multi_szIn the value, add the vendorVersion value obtained, e.g.LDAP Agent for Novell eDirectory 8.8 SP2 (20216.46)/AndreasThis posting is provided "AS IS" with no warranties, and confers no rights. Use of included script samples are subject to the terms specified at http://www.microsoft.com/info/copyright.htm

Hi! On FIM 2010 after registry setting for vendorVersion I'm getting "The management agent run was terminated as there were unspecified management agent erros". Any suggestions, I'm very new to FIM 2010 solution.

Hey ast! Try to check this on your eDir! On your ConsoleOne take a look if the Enable Non-Standard client Schema Compatible Mode is Enabled or in iManager you need to take a look on the Enable old ADSI and Netscape schema output. - Diego Shimohama http://www.dshimo.com.br

Folks: We are examining the Forefront Identity Product to see if it can compete against Novell's IDM product for synching of Novell eDirectory 8.8 (Netware kernel) and AD. I have tried the 2007 ILM product and it did NOT support Edirectory 8.8. I was told by my reseller to check out the FF 2010 product to see if it works with eDir 8.8 and it does not. I get "The specified server is not running eDirectory 8.6.2 or 8.6.7" when I try to configure the Management Agent How the devil can we get eDirectory 8.8 support in a Microsoft ILM product? I have a mandate to move away from eDirectory but it is not going to happen overnight. You will never be able to get password synchronisation out of eDirectory apart from using Novell IDM. Unless Microsoft do development to support Universal Password. IMHO Novell IDM is a vastly superior product in all aspects above FIM. I have used Novell IDM product for 8+ years and am obviously biased towards it. But Designer (Offline development tool that you, develop, simulate, import and export your entire project seamlessly), DSTrace (Ability to trace the Identity Management operation's progress easily) just aren't there at all in FIM. Plus the fact that you need to write either VB or C# to do anything useful. With Novell IDM the majority of code is done in Policy Builder or stylesheets which are very easy to debug locally using Designer. The new FIM MA is relatively similar to Policy Builder however to use the FIM MA you still need to bring everything into your MV and sync out to the FIM MA and that will require some MA Rules Extension code written in VB or C#. Performance and scalability. I currently work with a Novell IDM environment which runs a production facing 4Million+ unique records (customers) in it (providing Mobile Provisioning for Value Added Services to the country’s main Mobile operator). The database runs on two 5 year old SPARC server with 4GB of ram (of which only 1.4GB is ever used), and the database size is 12GB and we run an average TPS through it of about 12Writes per second, and 200 reads per second. FIM could never come close to that performance without a lot of hardware thrown at it. For FIM SQL Database replication isn't supported, so you need to build a SQL cluster, and that's the only support solution so you are constrained to one geo-location unless you go down the SAN replication path with associated costs. With Novell IDM you just install another server in another location and replication is taken care of, plus you can have active-active connectors running in both locations against their local databases and eDir just sorts out the database replication. No comparsion. Last but not least FIM isn't event based, it's polling based, and you need to run a Powershell script to get it to actually poll. With Novell IDM everything is event based, something happens on one system, it casues an event to occur. Choose to read into this what you want. But IMHO I think FIM has a long way to go until it gets close to the Novell IDM product.