Join our webinar on Friday, April 28th: Make Routine Tasks Quick and Easy for HR and Employees  REGISTER NOW

Is FIM/MIM a SSO solution?

Generally speaking, the problem of managing passwords could be broken down into the following two areas:

  • Back-end Password Synchronization: Replicating change in the password in an authoritative datastore to other enterprise datastores
  • User experience: On-demand password entry on the logon screen for the application a user wants to use

MIM/FIM does offer a solution for the first item. However, it doesn't handle the second area. It still leaves upto the user to provide the password to the application upon demand.

It can help by synchronization of all these password thus making it easier on the user. Result: Instead of remembering, lets say 10 passwords for 10 application they only have to remember one password for all those applications.


The following would be my recommedation to handle the second area:

  • As much as possible, Kerberize the application/s so that the app can leverage user's windows kerberos credentials. Result: eliminates the need for password entry to provide true SSO
  • For apps which cannot be kerberized, you may have to fall back on password manager's like Passlogix, Evidian SSO, Quest ESSO or other solutions in that space.

Topics: Applications & Infrastructure


You might like these too

Are we living in a connec...


FIM service database usag...

The following script could be helpful in determining the current usage of the database for...

Installation of AD FS 2.0...

Federation Proxy is required to service federated authentication requests when the user is...