Augmenting and replacing Microsoft Identity Manager functionality with PowerSyncPro

MIM is now in extended support until 2026, so your MIM solutions will not suddenly stop functioning, and a limited version of standard support is currently available with an Azure AD Premium subscription. In line with other end-of-life services over the years, various premium support options will be made available from Microsoft, and this will likely continue until all MIM functionality is replicated in Microsoft’s cloud offerings. This isn’t currently the case, however, it is gradually being undertaken.

The Identity and Access Management (IAM) landscape is extremely varied, and Microsoft are developing Azure AD to cover these variations, so the closer we get to EOL for MIM, the greater the functionality to include IAM variations is likely to be. As it stands now though, organizations dependant on MIM have until 2026 to consider alternative solutions.

Current choices available in replacing or augmenting MIM are;
• Replace MIM entirely with Microsoft cloud functionality (Azure AD)
As pointed out, AAD and MIM do not quite carry completely congruent functionality, so this effectively means a migration in full to Azure AD. This could be a highly disruptive and costly solution.
• Migrate to a different cloud or Identity Management vendor
As above, this comes with a cost in both monetary terms and potential interruptions to business operations. In moving to a different vendor, you also may not see any appreciable benefit over just migrating to Azure AD.
• Retain MIM and engage ongoing support from an external vendor
This is workable, but since we don’t know what support will look like for MIM after it is EOL, rushing into a sub-optimal solution may cause real problems, especially if Microsoft will replace MIM functionality with cloud offerings before the EOL date.
• Partial migration or introduction of cloud services to replace most of MIM functionality and replacing the remaining functionality with an external vendor’s toolkit.
This is a great solution, as there is reduced pressure to move away from infrastructure that uses MIM, and there are vendors that have toolkits that will fulfil some of this missing functionality.

PowerSyncPro is just such a tool, and can work seamlessly in the background to augment, and even replace, a large section of MIM functionality. A powerful, efficient directory sync tool that enables seamless large-scale identity synchronisation, PowerSyncPro helps organisations with hundreds of thousands of users, groups and contacts migrate their data with less downtime and disruption.

PowerSyncPro will also allow long-term synchronisation between platforms such as Microsoft Active Directory, Azure Active Directory, Exchange Online, Lotus Domino, Google and SQL Server, effectively allowing MIM-dependent infrastructure to coexist seamlessly alongside more modern cloud-based directory solutions.

There are some functions that currently cannot be migrated to Azure AD, such as the Password Change Notification Service (PCNS) captures AD password changes and forwards them to MIM, which forwards them again to target systems. If your organisation uses PCNS then your best option would be to retain MIM, and use PowerSyncPro to fill the functionality gap, and synchronise your systems with any other required directories and platforms. We would also recommend using PowerSyncPro to replace MIM plus BHOLD functionality, which is functionality not currently migrated to Azure AD.