This article needs to beupdated. Please help update this article to reflect recent events or newly available information.(April 2017)

Microsoft Forefront Identity Manager (FIM) is a state-basedidentity management software product, designed to manage users' digital identities, credentials, and groupings throughout the lifecycle of their membership in an enterprise computer system. FIM integrates withActive Directory andExchange Server to provide identity synchronization, certificate management, user password resets, and user provisioning from a single interface.

Part of the Microsoft Identity and Access Management platform product line, FIM superseded MicrosoftIdentity Lifecycle Manager (ILM),^[1] and was known as ILM 2 during development. ILM 2007 was created by mergingMicrosoft Identity Integration Server 2003 (MIIS) andCertificate Lifecycle Manager (CLM).

FIM 2010 utilizesWindows Workflow Foundation concepts, using transactional workflows to manage and propagate changes to a user's state-based identity. This is in contrast to most of the transaction-based competing products that do not have a state-based element. Administrators not only can create workflows with the web-basedGUI ofILM 2 portal but also include more complex workflows designed outside of the portal by importingXAML files.^[2]

FIM 2010 R2 (Release 2) was released in June 2012 and has extra capabilities:

• Improved Self-service Password Reset which supports all current web browsers
• Role Based Access Control (RBAC) via the acquisition ofBHOLD Software
• Improvement to the Reporting engine via the System Center Service Manager and MS SQL Server reporting Services (SSRS)
• A WebServices Connector to connect to SAP ECC 5/6, OraclePeopleSoft, and Oracle eBusiness
• Improvements in the areas of performance, simplified deployment and troubleshooting, better documentation, and more language support.

Forefront Identity Manager introduces the concept of "codeless provisioning",^[3] which allows administrators to create objects in any connected data source without writing any code in one of the.NET Framework languages.

The codeless provisioning provided in FIM should be able to sustain most of the simple to medium complexity scenarios for account lifecycle management. FIM fully honors existing MIIS implementations and supports "traditional" coded provisioning side-by-side with code-less provisioning methods.

• NetIQ Identity Manager

• Official website
• Certificate Lifecycle Manager Overview
• FIM Resources on the Microsoft TechNet Wiki
• FIM Best Practices Volume 1: Introduction, Architecture and Installation of Forefront Identity Manager 2010Archived 2010-11-13 at theWayback Machine

• Identity management systems
• Internet Protocol based network software
• Workflow applications
• Windows Server System
• 2010 software

• Wikipedia articles in need of updating from April 2017
• All Wikipedia articles in need of updating
• Official website different in Wikidata and Wikipedia
• Webarchive template wayback links