Upload
peter-bishop
View
219
Download
0
Tags:
Embed Size (px)
Citation preview
Identity Management for Mid-Market Customers
Dave Sayers
Technology Specialist
AgendaAgenda
• What do we consider the mid-market?What do we consider the mid-market?
• What is Identity Management?What is Identity Management?
• Typical types of systemTypical types of system
• The building blocks of an identity management solutionThe building blocks of an identity management solution
• Active DirectoryActive Directory
• AD/AMAD/AM
• MIIS/IIFPMIIS/IIFP
• When a mid-market customer needs to think about When a mid-market customer needs to think about Identity ManagementIdentity Management
• Real worldReal world
Microsoft Customer SegmentationMicrosoft Customer Segmentation
Small BusinessSmall Business Mid-MarketMid-Market EnterpriseEnterprise
LowerLowerSmallSmall
BusinessBusiness((LSBLSB))
CoreCoreSmallSmall
BusinessBusiness((CSBCSB))
Lower Lower Mid- Mid-
MarketMarket((LMMLMM))
Core Core Mid-Mid-
MarketMarket((CMMCMM))
Upper Upper Mid-Mid-
MarketMarket((UMMUMM))
CorporateCorporateAccountsAccounts
((CASCAS))
Global, Global, Major &Major &
StrategicStrategicAccountsAccounts
CharacteristicCharacteristicss
# PCs# PCs
# Employees# Employees
< 5< 5 5 -24 PCs5 -24 PCs 24 – 49 24 – 49 PCsPCs
50-250 50-250 PCsPCs
250-250-500 500 PCsPCs
>500 PCs>500 PCs >2500 >2500 PCsPCs
<10<10 10-4910-49 50-99 50-99 100-500 100-500 500-500-10001000 >1000>1000 >5000>5000
Sources: AMI data, Microsoft InternalSources: AMI data, Microsoft Internal
Medium Sized Businesses TodayMedium Sized Businesses Today
• Typically:Typically:• 1-2 IT managers who are depended 1-2 IT managers who are depended
on to keep all aspects of the on to keep all aspects of the business runningbusiness running
• Technology demands often as Technology demands often as sophisticated as a very large sophisticated as a very large business, but limited IT budgetsbusiness, but limited IT budgets
• Upgrade project looks complex and Upgrade project looks complex and they are busy they are busy
• Consolidation is often not a valid Consolidation is often not a valid motivator (not enough servers)motivator (not enough servers)
Identity ManagementIdentity Management
• Users are represented in multiple locations within an Users are represented in multiple locations within an organisationorganisation
• Directories, databases, proprietary apps.Directories, databases, proprietary apps.
• Identity information is fragmentedIdentity information is fragmented
• No recognised ‘master directory’No recognised ‘master directory’
• Systems were not designed to work togetherSystems were not designed to work together
• Systems and data owned by different political unitsSystems and data owned by different political units
• Tremendous information redundancyTremendous information redundancy
• = management complexity and inconsistent data= management complexity and inconsistent data
• Often managed ‘manually’ – e.g. Help DesksOften managed ‘manually’ – e.g. Help Desks
Identity Lifecycle ManagementIdentity Lifecycle Management
New UserNew User- User ID CreationUser ID Creation- Credential IssuanceCredential Issuance- Access RightsAccess Rights
Account ChangesAccount Changes- PromotionsPromotions- TransfersTransfers- New PrivilegesNew Privileges- Attribute ChangesAttribute Changes
Password MgmtPassword Mgmt- Strong PasswordsStrong Passwords- ““Lost” PasswordLost” Password- Password ResetPassword Reset
Retire UserRetire User- Delete/Freeze AccountsDelete/Freeze Accounts- Delete/Freeze EntitlementsDelete/Freeze Entitlements
Identity & Access Management (IAM)Identity & Access Management (IAM)
Who am IWho am I
What can I doWhat can I do
Identity storeIdentity store
AdministrationAdministration
Identity & Access Management Identity & Access Management (IAM):(IAM):
Providing the right people with the Providing the right people with the right access at the right timeright access at the right time
Identity & Access Management (IAM)Identity & Access Management (IAM)
AuthenticationAuthentication
AuthorisationAuthorisation
DirectoryDirectory
User / Resource AdminUser / Resource Admin
Identity & Access Management Identity & Access Management (IAM):(IAM):
Providing the right people with the Providing the right people with the right access at the right timeright access at the right time
IAM Components: Who am I ? (Authentication)IAM Components: Who am I ? (Authentication)
What is Authentication?What is Authentication?
• Authentication is about are you Authentication is about are you who they say you are to enable who they say you are to enable business transactions.business transactions.
Authentication Examples:Authentication Examples:
• User names and PasswordsUser names and Passwords
• PIN NumbersPIN Numbers
• Digital Certificates (PKI)Digital Certificates (PKI)
• Tokens (SecurID)Tokens (SecurID)
• BiometricsBiometrics(Hand Scans, Retinal Scans)(Hand Scans, Retinal Scans)
• Microsoft / Partner Products:Microsoft / Partner Products:
• Kerberos V5Kerberos V5
• Microsoft PassportMicrosoft Passport
• Microsoft Credential ManagerMicrosoft Credential Manager
IAM Components: What can I do (Authorisation)IAM Components: What can I do (Authorisation)
What is Authorisation?What is Authorisation?
• Now you say who you are what Now you say who you are what application functionality do you application functionality do you have access too?have access too?
What does Authorisation provide:What does Authorisation provide:
• The ability to grant access to The ability to grant access to applications and data based on applications and data based on “roles”“roles”
• An infrastructure to enable An infrastructure to enable authentication into multiple authentication into multiple applicationsapplications
• Single Sign-on to web applicationsSingle Sign-on to web applications
• Reduces operating costs Reduces operating costs associated with user access controlassociated with user access control
Microsoft / Partner Products:Microsoft / Partner Products:
• Authorisation Manager (included in Authorisation Manager (included in the Server 2003 package)the Server 2003 package)
• Oblix Net PointOblix Net Point
• OpenNetworkOpenNetwork Dir SmartDir Smart
IAM Components: Administration IAM Components: Administration (User / Resource Admin(User / Resource Admin))
What is User Management?What is User Management?
• To provision the tools and To provision the tools and applications to enable you to applications to enable you to perform you job roleperform you job role
What does User Management What does User Management provide: provide:
• Automated joiners and giving them Automated joiners and giving them access to applications to do their access to applications to do their job (provisioning)job (provisioning)
• Automated removal of ‘leavers’ Automated removal of ‘leavers’ from multiple systems (de-from multiple systems (de-provisioning)provisioning)
• Self-service and delegatedSelf-service and delegatedmanagement functionalitymanagement functionality
Microsoft / Partner Products:Microsoft / Partner Products:
• Microsoft Identity Integration ServerMicrosoft Identity Integration Server
• Microsoft BizTalk ServerMicrosoft BizTalk Server
• OblixOblix NetpointNetpoint
• OpenNetworkOpenNetwork Dir SmartDir Smart
.
IAM Components: Identity Store (DirectoryIAM Components: Identity Store (Directory))
What is a Directory?What is a Directory?
• A directory serves as a repository A directory serves as a repository for user information.for user information.
What does a Directory provide:What does a Directory provide:
• Central secure and resilient Central secure and resilient repository for user identitiesrepository for user identities
• Able to deliver fast response times Able to deliver fast response times to hundreds of queries per second. to hundreds of queries per second.
• Integration to major applicationsIntegration to major applications
• Key Microsoft / Partner Key Microsoft / Partner Products:Products:
• Microsoft Active DirectoryMicrosoft Active Directory
• Microsoft Identity Integration ServerMicrosoft Identity Integration Server
• Microsoft ADAM (Application Microsoft ADAM (Application Directory)Directory)
Microsoft Identity ManagementMicrosoft Identity Management
Active DirectoryActive DirectoryActive DirectoryActive Directory
Scalable Directory Services Scalable Directory Services Foundation for Identity & Access MgtFoundation for Identity & Access Mgt Flexible Authentication InfrastructureFlexible Authentication Infrastructure
Scalable Directory Services Scalable Directory Services Foundation for Identity & Access MgtFoundation for Identity & Access Mgt Flexible Authentication InfrastructureFlexible Authentication Infrastructure
Technology Technology PartnersPartners
Technology Technology PartnersPartners
Extending Active DirectoryExtending Active Directory Enterprise and Web Single Sign-OnEnterprise and Web Single Sign-On Comprehensive Application Access MgtComprehensive Application Access Mgt
Extending Active DirectoryExtending Active Directory Enterprise and Web Single Sign-OnEnterprise and Web Single Sign-On Comprehensive Application Access MgtComprehensive Application Access Mgt
Microsoft Identity Microsoft Identity Integration ServerIntegration ServerMicrosoft Identity Microsoft Identity Integration ServerIntegration Server
Directory Integration and SynchronizationDirectory Integration and Synchronization Provisioning, Deprovisioning, ManagementProvisioning, Deprovisioning, Management Password ManagementPassword Management
Directory Integration and SynchronizationDirectory Integration and Synchronization Provisioning, Deprovisioning, ManagementProvisioning, Deprovisioning, Management Password ManagementPassword Management
Specific Technology Specific Technology SolutionsSolutions
Specific Technology Specific Technology SolutionsSolutions
Host Integration ServerHost Integration Server Services for UnixServices for Unix Services for NetwareServices for Netware BizTalk (Workflow & EntSSO)BizTalk (Workflow & EntSSO)
Host Integration ServerHost Integration Server Services for UnixServices for Unix Services for NetwareServices for Netware BizTalk (Workflow & EntSSO)BizTalk (Workflow & EntSSO)
Typical Types of SystemTypical Types of System
• HR HR
• NOS NOS
• EmailEmail
• Phone systemPhone system
• Expenses systemExpenses system
• CRMCRM
The Active Directory DreamThe Active Directory Dream
• ““Enterprise directory” + “NOS directory”Enterprise directory” + “NOS directory”• Repository of consolidated informationRepository of consolidated information• Centralized management, provisioningCentralized management, provisioning• Single-sign-onSingle-sign-on• Data re-used by many applicationsData re-used by many applications
Active Directory Portal Portal applicationapplication
Whitepages/Whitepages/GALGAL
Generic appGeneric appusing single-using single-sign-onsign-on
HR/ERP HR/ERP applicationapplication
Automated provisioningAutomated provisioning
LDAP,LDAP,KerberosKerberos
Centralized Centralized managementmanagement
LDAP,LDAP,KerberosKerberos
Policy-based admin,Policy-based admin,single-sign-on, forsingle-sign-on, forWindows-based resourcesWindows-based resources
Where We Are TodayWhere We Are Today
• Directories deployed per-app; little re-useDirectories deployed per-app; little re-use
• Provisioning, sync are ad-hocProvisioning, sync are ad-hoc
Active Directory
Portal Portal applicationapplication
WhitepagesWhitepages
GenericGenericLDAP-basedLDAP-basedappapp
HR/ERP HR/ERP appapp
LDAPLDAP
Centralized Centralized managementmanagement
Policy & SSOPolicy & SSOfor Windowsfor Windows
DatabaseDatabase
LDAPLDAP
Generic Generic dumpdump
(Non-existent)(Non-existent)
Ad-hoc Ad-hoc syncsync
ADAMADAM
eDirectoryeDirectory
Outlook/Outlook/ExchangeExchange
LDAPLDAP
iPlanetiPlanetMAPIMAPI
Getting to a Single DirectoryGetting to a Single Directory• Very difficultVery difficult
• Existing application requirementsExisting application requirements
• Scope of application (local vs. global)Scope of application (local vs. global)
• Schema requirementsSchema requirements
• Control of application/identity informationControl of application/identity information
• How to deal with multiple account storesHow to deal with multiple account stores
• Infrastructure Directory – GlobalInfrastructure Directory – Global
• Application Directories – Local to ApplicationApplication Directories – Local to Application
• Metadirectory – Integration/Business ProcessMetadirectory – Integration/Business Process
ADAM ArchitectureADAM Architecture
• Same code as Active Directory - just a new modeSame code as Active Directory - just a new mode
• Programming model, admin tools virtually identical to Programming model, admin tools virtually identical to NOS AD – familiarity means skill sets easily NOS AD – familiarity means skill sets easily transferabletransferable
NOS Active Directory Active Directory Application Mode
LSASSLSASS
DSADSA
LDAPLDAP
SAMSAM
MAPIMAPI REPLREPL KDCKDC LanmanLanman
DNSDNS FRSFRS
dependencies
ADAMADAM
DSADSA
LDAPLDAP REPLREPL
(traditional AD minus infrastructure mgmt)
Availability & ComponentsAvailability & Components
• Directory Core Directory Core • Contains the DSA, LDAP and Replication layersContains the DSA, LDAP and Replication layers
• Runs as its own process/serviceRuns as its own process/service
• SetupSetup• To copy binaries, install & start the serviceTo copy binaries, install & start the service
• ToolsTools• Familiar AD tools to manage ADAM installationsFamiliar AD tools to manage ADAM installations
• DocumentationDocumentation• Programmers Reference in Platform SDKProgrammers Reference in Platform SDK
New CapabilitiesNew Capabilities
• Simple install and setup Simple install and setup
• No DCPROMONo DCPROMO
• Wizard with defaults, just “Next” throughWizard with defaults, just “Next” through
• Does not turn machine into DCDoes not turn machine into DC
• Restart or reinstall without rebootRestart or reinstall without reboot
• Multiple instances on single machineMultiple instances on single machine
• Each instance with own schemaEach instance with own schema
• X.500-style O=, C= namingX.500-style O=, C= naming
ADAM Usage ScenariosADAM Usage Scenarios
• Example: web portal with personalizationExample: web portal with personalization
• Store personalization info in ADAMStore personalization info in ADAM
• Use AD for authenticationUse AD for authentication
ADAMADAM
Infrastructure Active DirectoryInfrastructure Active Directory
WebWebportalportal
Store/Store/retrieveretrievedatadata
ClientClient
AuthenticationAuthentication
ServerServer
• Store app data without extending infrastructure directoryStore app data without extending infrastructure directory• App data keyed off identifier from infra directoryApp data keyed off identifier from infra directory
AD/AMAD/AM
InfrastructureInfrastructure DirectoryDirectory
WebWebportalportal
Store/Store/retrieveretrievedatadata
ClientClient
ServerServer
Data specific Data specific to portal appto portal app
Data shared Data shared by multiple appsby multiple apps
User (right) User (right) and “shadow” (left)and “shadow” (left)
ADAM Usage ScenariosADAM Usage Scenarios
ADAM
Where MIIS fits in
DS-enabledDS-enabledappapp
HR/ERP HR/ERP appapp
CentralizedCentralizedidentity identity
managementmanagement
DatabaseDatabase
MIIS 2003MIIS 2003
IntegrationIntegrationServicesServices
App DSApp DS
App DSApp DSADAMADAM
Infrastructure Directory
ActiveActiveDirectoryDirectory
DS-enabledDS-enabledappapp
App DSApp DSADAMADAM
DS-enabledDS-enabledappapp33rdrd-party DS-party DS
accessaccess
syncsync
What is a Metadirectory?What is a Metadirectory?
• Service that collects information from Service that collects information from different data sourcesdifferent data sources
• Combines all or part of that information Combines all or part of that information into an integrated viewinto an integrated view
• Apply rules as to how information is Apply rules as to how information is managedmanaged
• Which source is authoritativeWhich source is authoritative
• How attributes flowHow attributes flow
ADAD
Metadirectory
Name : Dave SayersEmployee ID : 100100Telephone No. : 111222
Name : dsayersEmployee ID : 100100
Email : [email protected]
Name : Dave SayersEmployee ID : 100100
Telephone No. : 111222Email : [email protected]
MIIS 2003 Architecture
• MIIS runs as a service
• Management Agents (MA) connect to systems
• Metadirectory data stored in SQL
• Admin client connects to service via DCOM
MA ControllerMA Controller
iPlanetiPlanetMAMA
ADADMAMA
OracleOracleMAMA
……MAMA
MIIS ServiceMIIS Service
AD/E2KAD/E2KiPlanetiPlanet OracleOracle
MIIS AdminMIIS AdminClientClient
DCOMDCOM
MIISMIISStoreStore
MIIS - ConceptsMIIS - Concepts
• Connected Directory Connected Directory (CD)(CD)
• Source and/or Source and/or destination for destination for synchronisedsynchronised attributesattributes
• Connector Space (CS)Connector Space (CS)• Staging area for Staging area for
inbound or outbound inbound or outbound synchronised synchronised attributesattributes
• Metaverse (MV)Metaverse (MV)• Central (SQL) store of Central (SQL) store of
identity informationidentity information• Matching CS entries to Matching CS entries to
a single MV entry is a single MV entry is called “join”called “join”
ADAD
OracleOracle
SQLSQL
ExchangeExchange5.55.5
ConnectedConnectedDirectoriesDirectories
MetaverseMetaverse
UserUser
ConnectorSpace
Key concepts for MIIS
• Provisioning/Deprovisioning
• Making a user productive immediatelyMaking a user productive immediately
• Role changes, planned/urgent terminationsRole changes, planned/urgent terminations
• Grant and ensure appropriate accessGrant and ensure appropriate access
• Minimize costsMinimize costs
• Increase security through strong defaultsIncrease security through strong defaults
• SynchronisationSynchronisation
• Attribute FlowAttribute Flow
• Password ManagementPassword Management
Key Scenarios
• Hire/Fire
• For multiple-site and/or high staff turnover customers
• Integration
• Mergers and Acquisitions
GAL – The issueGAL – The issue
Forest 1Forest 1ExchangeExchange
Forest 3Forest 3ExchangeExchange
Forest 2Forest 2No ExchangeNo Exchange
Global Address List is per Exchange Org, per forestGlobal Address List is per Exchange Org, per forest
Outlook Outlook ClientClient
Exchange Exchange Server/GCServer/GCOutlook Outlook
ClientClient
Exchange Exchange Server/GCServer/GC
Outlook Outlook ClientClient
??
msExchMasterAccountSID
Identity Integration Feature PackIdentity Integration Feature Pack
• Version of MIIS which contains:
• GALSync MA
• Active Directory MA
• ADAM MA
• Users are represented as contacts
• Distribution and Security Groups are represented as contacts
• Contacts are represented as contacts
• GAL Sync ADMA is a preconfigured Active Directory Management Agent released with MIIS 2003
• Uses the LDAP DIRSYNC control
• Handles rename and moves of objects
• Detects and uses AD forest schema
GAL Sync DeploymentGAL Sync Deployment
• Step1: Gathering dataStep1: Gathering data
• Determine Source and Target forest informationDetermine Source and Target forest information
• Step2: Setup GAL Sync ADMAStep2: Setup GAL Sync ADMA
• Setup one GAL Sync AD Management Agent per Exchange Setup one GAL Sync AD Management Agent per Exchange forest with source and target forest information forest with source and target forest information
• Step3: Verify configurationStep3: Verify configuration
• Type of objects, rules, run profilesType of objects, rules, run profiles
• Step 4: Run SyncStep 4: Run Sync
GAL Sync - Syncing UsersGAL Sync - Syncing Users
Forest 1Forest 1ExchangeExchange
Forest 3Forest 3ExchangeExchange
Forest 2Forest 2No ExchangeNo Exchange
Outlook Outlook ClientClient
Exchange Exchange Server/GCServer/GC
Outlook Outlook ClientClient
Outlook Outlook ClientClient
Exchange Exchange Server/GCServer/GC
GAL Sync - Syncing UsersGAL Sync - Syncing Users
Forest 1Forest 1ExchangeExchange
Forest 3Forest 3ExchangeExchange
Forest 2Forest 2No ExchangeNo Exchange
IIFP Server
Set up an IIFP serverSet up an IIFP server
Outlook Outlook ClientClient
Exchange Exchange Server/GCServer/GC
Outlook Outlook ClientClient
Outlook Outlook ClientClient
Exchange Exchange Server/GCServer/GC
GAL Sync - Syncing UsersGAL Sync - Syncing Users
Forest 1Forest 1ExchangeExchange
Forest 3Forest 3ExchangeExchange
Forest 2Forest 2No ExchangeNo Exchange
IIFP Server
IIFP will get object information for every user in a forest, IIFP will get object information for every user in a forest,
Outlook Outlook ClientClient
Exchange Exchange Server/GCServer/GC
Outlook Outlook ClientClient
Outlook Outlook ClientClient
Exchange Exchange Server/GCServer/GC
GAL Sync - Syncing UsersGAL Sync - Syncing Users
Forest 1Forest 1ExchangeExchange
Forest 3Forest 3ExchangeExchange
Forest 2Forest 2No ExchangeNo Exchange
IIFP Server
For users in a forest, IIFP will create contacts in other forestsFor users in a forest, IIFP will create contacts in other forests
Outlook Outlook ClientClient
Exchange Exchange Server/GCServer/GC
Outlook Outlook ClientClient
Outlook Outlook ClientClient
Exchange Exchange Server/GCServer/GC
GAL Sync - Syncing UsersGAL Sync - Syncing Users
Forest 1Forest 1ExchangeExchange
Forest 3Forest 3ExchangeExchange
Forest 2Forest 2No ExchangeNo Exchange
IIFP Server
Exchange will populate Address List (s) with the contactsExchange will populate Address List (s) with the contacts
Outlook Outlook ClientClient
Exchange Exchange Server/GCServer/GC
Outlook Outlook ClientClient
Outlook Outlook ClientClient
Exchange Exchange Server/GCServer/GC
GAL SyncGAL Sync
Beyond GALsyncBeyond GALsync
• IIFP will support AD to AD as well as AD to ADAM syncIIFP will support AD to AD as well as AD to ADAM sync
• Useful for integrating printing between the two forests:Useful for integrating printing between the two forests:
• Use IIFP to synchronise sites, subnets and printersUse IIFP to synchronise sites, subnets and printers
• Allow the use of printer location trackingAllow the use of printer location tracking
• Meets the requirement of making it easy for roaming users to Meets the requirement of making it easy for roaming users to print in other officesprint in other offices
• But sometimes it’s just not enough…But sometimes it’s just not enough…
MIIS Deployment and ManagementMIIS Deployment and Management
• Easy to deployEasy to deploy• No agents to deploy on connected systemsNo agents to deploy on connected systems
• MIIS can stand-alone or share clustered SQLMIIS can stand-alone or share clustered SQL
• Migrate configuration from test to production via XML filesMigrate configuration from test to production via XML files
• Easy to extend existing deploymentEasy to extend existing deployment• System is designed so that it’s easy to incrementally add capabilitiesSystem is designed so that it’s easy to incrementally add capabilities
• Easily add more systems or expand business rulesEasily add more systems or expand business rules
• Easy to troubleshoot and ManageEasy to troubleshoot and Manage• Preview ModePreview Mode
• Data LineageData Lineage
• All error information stored in the databaseAll error information stored in the database
• MOM Management Pack available for downloadMOM Management Pack available for download
SSO/Access ManagementSSO/Access Management
• SSOSSO
• Can be straightforward across Windows estates (Exchange, Can be straightforward across Windows estates (Exchange, trust relationships)trust relationships)
• 33rdrd parties offer additional capabilities parties offer additional capabilities
• Access ManagementAccess Management
• ACLsACLs
• RBACRBAC
• Access Management can be challenging in Access Management can be challenging in merger/acquisition scenariosmerger/acquisition scenarios
• Selective AuthenticationSelective Authentication
Selective AuthenticationSelective Authentication
Putting it all togetherPutting it all together
• Active Directory acts as NOS and ‘network identity’Active Directory acts as NOS and ‘network identity’
• ADAM can be used for additional information or as ADAM can be used for additional information or as another identity storeanother identity store
• IIFP can join these two togetherIIFP can join these two together
• Start to incorporate additional systems using MIISStart to incorporate additional systems using MIIS
• Single sign-on enabled through 3Single sign-on enabled through 3rdrd party products party products
• ADFS?ADFS?
MIIS ProjectsMIIS Projects
• Common Objections :Common Objections :
• CostCost
• Complexity of the projectComplexity of the project
• Self-service Self-service
• AD RequirementAD Requirement
• No LDAP headNo LDAP head
• Does not support real-time updatesDoes not support real-time updates
• Connected Directory reachConnected Directory reach
• Customer storiesCustomer stories
Putting it all together – a full Identity Management Solution
Summary/Call to ActionSummary/Call to Action
• Identity Management is relevant to almost all customersIdentity Management is relevant to almost all customers
• Although in certain scenarios for mid-market customersAlthough in certain scenarios for mid-market customers
• Microsoft provides the core building blocks for building Microsoft provides the core building blocks for building an identity management solutionan identity management solution
• Examine the capability to use these solutions in your Examine the capability to use these solutions in your businessbusiness
• If an acquisitive customer, have a process to use IIFP for If an acquisitive customer, have a process to use IIFP for a consolidated GALa consolidated GAL
ResourcesResources• Technical Chats and WebcastsTechnical Chats and Webcasts• http://www.microsoft.com/communities/chats/default.mspx http://www.microsoft.com/communities/chats/default.mspx
• http://www.microsoft.com/usa/webcasts/default.asphttp://www.microsoft.com/usa/webcasts/default.asp
• Microsoft Learning and CertificationMicrosoft Learning and Certification• http://www.microsoft.com/learning/default.mspxhttp://www.microsoft.com/learning/default.mspx
• MSDN & TechNet MSDN & TechNet • http://microsoft.com/msdnhttp://microsoft.com/msdn
• http://microsoft.com/technethttp://microsoft.com/technet
• Virtual LabsVirtual Labs• http://www.microsoft.com/technet/traincert/virtuallab/rms.mspxhttp://www.microsoft.com/technet/traincert/virtuallab/rms.mspx
• NewsgroupsNewsgroups• http://communities2.microsoft.com/http://communities2.microsoft.com/
• communities/newsgroups/en-us/default.aspxcommunities/newsgroups/en-us/default.aspx
• Technical Community SitesTechnical Community Sites• http://www.microsoft.com/communities/default.mspxhttp://www.microsoft.com/communities/default.mspx
• User GroupsUser Groups• http://www.microsoft.com/communities/usergroups/default.mspxhttp://www.microsoft.com/communities/usergroups/default.mspx
© 2006 Microsoft Corporation. All rights reserved.This presentation is for informational purposes only.MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY.