FIM Portal
FIM Portal is usually the starting point for administrators who will configure FIM Service. The configuration of FIM Service is usually done using FIM Portal, but it may also be configured using Power Shell or even your own custom interface.
FIM Portal can also be used for self-service scenarios, allowing users to manage some aspect of the Identity Management process.
FIM Portal is actually an ASP.NET application using Microsoft Sharepoint as a foundation, and can be modified in many ways.
Self Service Password Reset (SSPR)
The Self Service Password Reset (SSPR) feature of FIM is a special case, where most components used to implement it are built-in.
The default method is using what is called a QA Gate. FIM 2010 R2 also has built-in methods for using a One Time Password (OTP) that can be sent using either SMS, or e-mail services.
In short, the QA Gate works in the following way:
- The administrator defines a number of questions.
- Users register for SSPR and provide answers to the questions.
- Users are presented with the same questions, when a password reset is needed.
- Giving the correct answers identifies the user and allows them to reset their password.
Once the FIM administrator has used FIM Portal to configure the password reset feature, the end user can register his answers to QA Gate.
If the organization has deployed FIM Password Reset Extension to the end user's Windows client, the process of registration and reset can be made directly from the Windows client. If not, the user can register and reset his password using the password registration and reset portals.