From FIM/MIM to Cloud Sync: Complete Identity Journey with Australia’s Top Identity MVP Darren “Doc” Robinson

Entra.News - Your weekly dose of Microsoft Entra

Mar 21, 2026

Why It Matters

Understanding this migration path is crucial for organizations aiming to modernize their identity infrastructure while preserving legacy investments. The episode equips IT professionals with the knowledge to design secure, scalable, and compliant identity solutions that leverage Azure’s cloud capabilities, making the transition to zero‑trust architectures both feasible and strategic.

Key Takeaways

  • Started with Novell sync, moved to Microsoft identity platforms
  • Explains ECMA connectors bridging legacy systems to Entra
  • Cloud Sync uses lightweight on‑prem shim and SCIM provisioning
  • Granfeldt PowerShell agent upgraded for PowerShell 7, parallel processing
  • Modern provisioning maps attributes and roles via Entra application registrations

Pulse Analysis

Darren “Doc” Robinson’s career reads like a timeline of identity management itself. He began linking Unix and Novell networks in the early ’90s, then migrated NT domains to Novell’s master directory using Synchronicity. After Microsoft acquired Zoomit, he worked with Meta Directory Services, One Identity and SailPoint before settling on Microsoft’s long‑term platform. That deep‑rooted experience gives him a rare perspective on why legacy directories still matter and how they paved the way for today’s Azure AD and Entra ID ecosystems. Understanding that history is essential for any organization planning a secure, zero‑trust identity strategy.

The core of modern identity governance is the ECMA (Extensible Connectivity Management Agent) framework, which exposes legacy objects to the Entra provisioning service. Instead of a bulky on‑prem sync engine, Cloud Sync deploys a lightweight shim that receives SCIM‑based change notifications from Entra and forwards them to custom connectors for LDAP, SQL, SAP or bespoke APIs. Administrators define object types, attribute mappings and scope rules directly in the Entra application registration, allowing real‑time or scheduled synchronization without manual flat‑file extracts. This approach reduces complexity, improves reliability, and ensures that cloud‑first applications receive accurate user representations while preserving existing on‑prem assets.
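The sketch below is an added example, not code from the episode or from any Microsoft or Granfeldt component. It shows what a connector-side script does with the scope rules and attribute mappings described above, written for PowerShell 7: a scope rule gates each SCIM user, and an allow-list mapping decides which attributes reach the on-prem directory. The function names, the mapping, the in-scope departments and the sample users are all constructed; only the SCIM enterprise extension URN comes from the SCIM standard.

```powershell
# Added example: hypothetical names and constructed data; not the ECMA or PSMA API.
Set-StrictMode -Version Latest

# Attribute mapping: SCIM path -> directory attribute. Acts as an allow-list;
# anything not listed (e.g. "roles") is never written on-prem.
$AttributeMap = [ordered]@{
    'userName'        = 'sAMAccountName'
    'name.givenName'  = 'givenName'
    'name.familyName' = 'sn'
}
# Scope rule (constructed): only active users in these departments are provisioned.
$InScopeDepartments = @('Finance', 'Engineering')
$EnterpriseUrn = 'urn:ietf:params:scim:schemas:extension:enterprise:2.0:User'

function Get-ScimValue {
    param([hashtable]$Resource, [string]$Path)
    $node = $Resource
    foreach ($part in $Path.Split('.')) {
        # A missing or non-object segment yields $null instead of an exception.
        if ($node -isnot [hashtable] -or -not $node.ContainsKey($part)) { return $null }
        $node = $node[$part]
    }
    return $node
}

function ConvertTo-DirectoryEntry {
    param([Parameter(Mandatory)][hashtable]$ScimUser)
    $ext  = $ScimUser[$EnterpriseUrn]
    $dept = if ($ext -is [hashtable]) { $ext['department'] } else { $null }
    if ($ScimUser['active'] -ne $true -or $dept -notin $InScopeDepartments) {
        return $null    # out of scope: nothing is written
    }
    $entry = [ordered]@{}
    foreach ($path in $AttributeMap.Keys) {
        $value = Get-ScimValue -Resource $ScimUser -Path $path
        if ($null -ne $value) { $entry[$AttributeMap[$path]] = [string]$value }
    }
    return $entry
}

# Constructed SCIM user resources; the first carries an unmapped "roles" attribute.
$users = @'
[{"userName":"asmith","active":true,"name":{"givenName":"Alex","familyName":"Smith"},"roles":[{"value":"Admin"}],"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User":{"department":"Finance"}},
 {"userName":"bjones","active":true,"name":{"givenName":"Bo","familyName":"Jones"},"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User":{"department":"Sales"}}]
'@ | ConvertFrom-Json -AsHashtable

foreach ($u in $users) {
    $e = ConvertTo-DirectoryEntry -ScimUser $u
    if ($null -eq $e) { "SKIP  $($u['userName'])"; continue }
    'WRITE ' + (($e.Keys | ForEach-Object { '{0}={1}' -f $_, $e[$_] }) -join '; ')
}
```

Keeping the mapping as an explicit allow-list means an attribute added to the cloud-side payload cannot reach the on-prem directory until someone deliberately maps it.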

To keep the connector model agile, Darren championed the Granfeldt PowerShell Management Agent, originally built for PowerShell 5 and later refactored for PowerShell 7, 64‑bit execution and parallel processing. The updated agent can ingest thousands of records concurrently, dramatically cutting provisioning latency for large institutions. By exposing schema, password sync and transformation scripts as simple PowerShell files, it empowers teams to customize identity flows without deep code changes. As organizations accelerate their migration to Entra ID, tools like the modernized PowerShell agent and ECMA connectors become critical enablers of seamless, secure identity governance across hybrid environments.

Episode Description

Legacy Identity to Cloud with Entra ID
