In many of my previous posts I talked about B2B users being replicated to your own AD so that guest users can log in to your backend (Kerberos) applications.

Adding guest users to your AD can be done using my PowerShell script, the MIM guide from Microsoft (although it seems to be missing some steps), or the following guide I published on my GitHub in full .md format, which walks through every step along the way.

It essentially has 2 installation options, and you can choose which one you want to deploy:

  • Portal based – doesn’t require any customization and can be installed using Windows Server 2016, SharePoint 2016, SQL 2016 and MIM 2016 + SP2
  • Custom DLL – the custom DLL removes the requirement for the MIM portal (and thus SharePoint) and can be used directly in the MIM Synchronization engine. It generates way more complex passwords and is a lighter, more secure version – thanks to @Predica for the DLL foundation.

Without further ado,


AAD Guests MIM Rule Architecture