Quantcast
Channel: Microsoft Identity Manager forum
Viewing all 7443 articles
Browse latest View live

Problem in Exchange Provisioning (2010) with FIM - "no-start-ma"

February 17, 2016, 1:23 am
$
0
0

Hello,

We are currently using MIM 2016 (I know its not exactly FIM 2010 but it's the only forum I found) and doExchange Provisionning (Exchange 2010). Sometimes and for unknown reasons, we are getting the following errors "not-start-ma". The Management Agents refuses to launch and we have several errors in Event Viewer (see attachment). The problem is that when it's happen, we don't make major changes or big improvements... For now, we get around of this error (when happens) by reverting VM. But the we don't succeed in understanding and solving the problem.

I try to search for this errors code or exceptions but get not much information. For example the following links :http://setspn.blogspot.fr/2010/08/fim-2010-exchange-2010-mailbox.html&http://pureidm.com/viewtopic.php?id=1. But for now we weren't able to solve this question.

Does someone already encounter these errors and could maybe provide advices ?

Thank you for any help

Thibault

Search

Powershell script help

February 17, 2016, 2:26 pm
$
0
0
Can someone help with a Powershell script? Need to query the FIM portal database. Customer wants a list of all their distribution groups with output to a csv file. Attribute Display Name, Description, email address

You could be our Fabulous February FIM Guru!

February 2, 2016, 3:04 pm
$
0
0

Fabulous February is here at last!

This is the month some of the greatest names in TechNet Wiki history will step forth and give us knowledge!

That's YOU by the way!

Drop us a little ray of sun, a few lines of love, or virtual valentine!

Your revelations could enrich so many more if you copied it for posterity into the wiki of wisdom

We need heroes! We need YOU! Join us and grow your reputation amongst some of the greats of the community!

All you have to do is add an article to TechNet Wiki from your own specialist field. Something that fits into one of the categories listed on the submissions page. Copy in your own blog posts, a forum solution, a white paper, or just something you had to solve for your own day's work today.

Drop us some nifty knowledge, or superb snippets, and become MICROSOFT TECHNOLOGY GURU OF THE MONTH!

This is an official Microsoft TechNet recognition, where people such as yourselves can truly get noticed!

HOW TO WIN

1) Please copy over your Microsoft technical solutions and revelations toTechNet Wiki.

2) Add a link to it on THIS WIKI COMPETITION PAGE (so we know you've contributed)

3) Every month, we will highlight your contributions, and select a "Guru of the Month" in each technology.

If you win, we will sing your praises in blogs and forums, similar to the weekly contributor awards. Once "on our radar" and making your mark, you will probably be interviewed for your greatness, and maybe eventually even invited into other inner TechNet/MSDN circles!

Winning this award in your favoured technology will help us learn the active members in each community.

 

January's entries are now being judged, but below are December's mighty winners and contenders!

Guru Award BizTalk Technical Guru - December 2015  

Gold Award Winner

Peter LindgrenBizTalk: Create SSO Bindings Without Joining Active Directory (AD) DomainSK: "Very good article"
SW: "Pragmatic Approach in Development Environment"

Silver Award Winner

Steef-Jan WiggersBizTalk Server : Call external code in an orchestrationSW: "Good explanation and demonstration when to use/call external code in an orchestration."
SK: "Great work here"

Guru Award Forefront Identity Manager Technical Guru - December 2015  

Gold Award Winner

Wim BeckFIM2010: Outbound System Scoping Filter SyntaxSøren Granfeldt: "The best"
PG: "Nice solution, very helpful"

Silver Award Winner

Jeff IngallsHow to Use PowerShell to Create a CSV of FIM/MIM Metaverse ConnectionsPG: "Nice solution, well documented, very helpful"
Søren Granfeldt: "Very interesting read"

Guru Award Microsoft Azure Technical Guru - December 2015  

Gold Award Winner

XAML guyIoT Suite - Under The Hood - Remote MonitoringAS: "Very good article. Just made me play around with the stuff."
JH: "Good explanation of the remote monitoring sample of the IoT Suite. More articles about the IoT Suite are more than appreciated."

Silver Award Winner

Sajid Ali KhanJumpStart into Big Data with HDInsightJH: "Nice article to get started with HDInsight. Lots of easy to follow graphics."
AS: "Nice post. But somehow I really wanted to jump start with Big Data without having to deal with Hadoop :)"

Bronze Award Winner

Ken CenerelliAzure Infographics and Visio TemplatesAN: "Just listing infographics does not add any value for the users. One can just stop by: https://azure.microsoft.com/en-us/documentation/infographics/ and review / download all"
JH: "Good collection of the infographics available for Azure."

Guru Award Miscellaneous Technical Guru - December 2015  

Gold Award Winner

Ken CenerelliCommand Prompt improvements in Windows 10Richard Mueller: "Very interesting and useful information. Well written and explained."

Silver Award Winner

SYEDSHANUASP.Net Web Photo Editing Tool Using HTML 5Richard Mueller: "Lots of well commented code. Good images. Good use of Wiki guidelines. We could use an "Other Resources" section."

Bronze Award Winner

Hussain Shahbaz KhawajaVisual Studio Community for Java DevelopersRichard Mueller: "Good images. We could use links and references."

Guru Award SharePoint 2010 / 2013 Technical Guru - December 2015  

Gold Award Winner

Danish IslamSharePoint: Filter Dropdown values on List InfoPath form based on Current UserRichard Mueller: "Good use of Wiki guidelines. Great images. The "See Also" is good, but because the links are not Wikis, it should be "Other Resources"."

Silver Award Winner

Jesper ArneckeSharePoint 2013 - Workflow Manager – Scripted InstallationRichard Mueller: "Lots of code. References are good, but we could use a "See Also" section."

Bronze Award Winner

Danish IslamSharePoint: Hiding or Ordering Fields on Default List FormsRichard Mueller: "Great use of Wiki guidelines. We can use some references."

Guru Award Small Basic Technical Guru - December 2015  

Gold Award Winner

SYEDSHANUMicrosoft Small Basic: Painting Tool Using Graphics WindowRZ: "This is very nicely done! Fantastic tool for painting and illustrating the drawing capabilities of SmallBasic"

Silver Award Winner

Ed Price - MSFTSmall Basic Sample: Leap Year CheckerRZ: "Leap year calculation is always interesting -- the rules are always just a bit more complicated than you expect :)"

Guru Award SQL BI and Power BI Technical Guru - December 2015  

Gold Award Winner

Greg Deckler (Quick Solutions)Merge Query with MPT: "Greg, nice tip. It's good to see how simple M script techniques like this can supercede the out-of-the-box script generated by the UI tool. I'll use this often."

Guru Award SQL Server General and Database Engine Technical Guru - December 2015  

Gold Award Winner

Ronen ArielySQLCLR: Percentage User-Defined Aggregate FunctionsDurval Ramos: "This article is interesting, but needs more details to demonstrate how to create and use an assembly .Net on SQL Server"

Guru Award System Center Technical Guru - December 2015  

Gold Award Winner

C Sharp ConnerSolution - Correctly restoring Data Warehouse and Registering to SCSM when Cube Process Jobs have gone BadAB: "Nice solution"
Nicolas Bonnet: "Thank you for posting this C Sharp Corner :)"

Silver Award Winner

Adin ErmieService Manager 2012 R2 Installation Fails To Identify SQL Server Instance, and Throws ‘Access Denied’ ErrorNicolas Bonnet: "Nice tip Adin, trhanks"
AB: "Useful read!"

Guru Award Transact-SQL Technical Guru - December 2015  

Gold Award Winner

Naomi NT-SQL: Finding Difference in Columns in the TableDurval Ramos: "This article provides an useful solution to compare values. A very well written and good article that have "Conclusion" to the reader"
Richard Mueller: "Great article. Good use of Wiki guidelines and good code examples."
Samuel Lester: "Outstanding solution! Thanks again for the great depth of your submissions! Job well done!"

Silver Award Winner

Natig GurbanovHow to find incorrect datetime data from "Char" format columnDurval Ramos: "An interesting article about how to use ISDATE function "
Richard Mueller: "Grammar needs work and references would help."
Samuel Lester: "Another good tip, thanks again"

Bronze Award Winner

Natig GurbanovSql Server:Unusual String FunctionsRichard Mueller: "A good effort, but grammar needs work and we could use more explanation."
Samuel Lester: "Fun tip, thanks for covering this rarely discussed function"
Durval Ramos: "Nice, could do with some more work"

Guru Award Universal Windows Apps Technical Guru - December 2015  

Gold Award Winner

Umer QureshiHow to create and use custom controlJH: "Nice article. Love the animated pictures."

Silver Award Winner

Sajid Ali KhanJumpStart With Data Binding in UWPJH: "Very informative article about data binding. Unfortunately some of the pictures are missing."

Bronze Award Winner

Umer QureshiIntroduction To Data Binding Using Model ClassJH: "Good example of one of the greatest features of XAML."

Guru Award Visual Basic Technical Guru - December 2015  

Gold Award Winner

tommytwotrainSpace Invaders game using a DataTable and DataGridViewAnthony D. Green: "Bonus points for being fun. It's also well presented and informative."
AN: A great fun article, well laid out too"
Richard Mueller: "A very well written article. Lots of code and good references."
Carmelo La Monica: "Very nice work, is very good to see a game with Datagrid. Congrats for work and vb net code."

Silver Award Winner

SYEDSHANUExternal Program Text Read using VB.NETCarmelo La Monica: "Nice article, great animate images and vb net code."
AN: "Very nice article, lots to read and love"
Anthony D. Green: "Well structured but needs some proof reading. It's an informative example of using the Win32 API through P/Invoke but lacks sufficient motivation for the example."
Richard Mueller: "Grammar needs work and we could use references."

Bronze Award Winner

.paul.InputDialog DemoRichard Mueller: "Great examples and code."
Carmelo La Monica: "Great work, very interesting sample and code. Congrats."
ANThe article is too short/simple. It re-implements funtionality available in the platform without demonstrating clear benefit. It's more of a code sample than an article.

Guru Award Visual C# Technical Guru - December 2015  

Gold Award Winner

Anil KumarC# Delegate – a silent hero behind modern programmingJaliya Udagedara: "Explains one of the most important types in .NET Framework. It would have been good if explained with more sample code."
Carmelo La Monica: "Fantastic topic, great code, congrats!"

Silver Award Winner

Qasim ChaudhryHow To Customize Identity in ASP.NET MVC5Jaliya Udagedara: "Good! Step by step guide to customize ASP.NET Identity."
Carmelo La Monica: "I'm not expert of AspNet, but this article is very useful and detailed in all parts!"

Bronze Award Winner

SYEDSHANUSPC CP and Cpk Chart in C# Windows FormsCarmelo La Monica: "Fantastic, i mean is similar to tool for debug, great work."
Jaliya Udagedara: "Needs some explanations to the code."

Guru Award Wiki and Portals Technical Guru - December 2015  

Gold Award Winner

Andy ONeillTechNet Guru Iconography SuggestionsRichard Mueller: "What fun! Lots of good ideas here. Gets me thinking."

Guru Award Windows PowerShell Technical Guru - December 2015  

Gold Award Winner

Ken CenerelliList Services With PowerShellRichard Mueller: "Well written article. The "See Also" section should only include Wiki articles, so those links could go in the "References" section."

Guru Award Windows Presentation Foundation (WPF) Technical Guru - December 2015  

Gold Award Winner

Andy ONeillSeasons GreetingsPeter Laker: "Yey for the seasonal article!"

Silver Award Winner

Umer QureshiDifference between Grid and StackPanelPeter Laker: "Nice explanation, thanks Umer"

 

Thanks in advance!
Pete Laker

#PEJL
Got any nice code? If you invest time in coding an elegant, novel or impressive answer on MSDN forums, why not copy it over toTechNet Wiki, for future generations to benefit from! You'll never get archived again, and you could win weekly awards!

Have you got what it takes o become this month's TechNet Technical Guru? Join a long list of well known community big hitters, show your knowledge and prowess in your favoured technologies!

Dynamic Group criteria

February 18, 2016, 1:53 am
$
0
0

Hi,

We have to create a number of dynamic distribution groups for our corporate communications department, an example of this is groups based on service organization and level or rank.  This results in about 500+ groups.  I have scripted the creation of these groups in AD.

My question is: Is it possible to script the selection criteria of these groups in the FIM portal?  I don't really want to do this manually for so many groups :-)

Any will appreciate any idea

Thanks

Johan Marais

JkM6228

Can Forefront Identity Manager R2 use SQL Server 2012?

September 3, 2012, 3:25 am
$
0
0

Can FIM R2 use SQL Server 2012 R2 (Enterprise)?

Do you have to put it in compatibility mode with 2008?

synch users and groups from open LDAP into Active Directory

February 18, 2016, 4:09 pm
$
0
0


I'm trying to synch users and groups from open LDAP into Active Directory. 

  Is FIM / MIM2016 the right product for my use case? 

Many thanks.

Delete from CS not working

February 8, 2016, 10:07 pm
$
0
0

Hi All,

I have 3 MAs and using FIM 2010 R2 .

CSV file ma -> employees , creates in AD

AD ma 

SQL ma -> contractors are created from here and contains all users (emp and contractor ) .

Now when i am trying to delete contractor record from SQL , it is not triggering a delete in MV and  AD.

So i wanted to delete a record in SQL --> that should delete record from MV and AD

After deleting the record from SQL , when i run FI , it says unchanged 2280 ( count is decreased after deleting the record from SQL ) however it doesnot trigger a delete in MV after FS

de provisioning setting : 

csv : make them disconnector

AD : stage a delete

SQL : make them disconnector

I have also tried deleting CS of SQL but that also did not help

Please help , any suggetsions..

Regards

Aditya


AdiKumar

Getting Errors with password SYNC

February 19, 2016, 3:20 am
$
0
0

Hi,

I have created a on premises Domain Xyz.com also created some users and Sync with office 365 and working fine due to some Hardware crash i have formatted and reinstalled the same xyz.com on premises.Everything is working fine with the new AD and the only problem i am facing is that the Users created with the old xyz.com password reset is not getting sync.

I have created all the users on the new domain but the office 365 users are not deleted at the time of crash and after the new domain it got SYNC and working.

Search

Changing anchor SQL management Agent

February 19, 2016, 1:12 am
$
0
0

We have SQL Management agent used for creating accounts in AD/LDAP.

Achor is Accountname , we generate it based on Fname and lname when a record is added to SQL.

Join is AccountNumber ( which is another unique entry)

Now we want to change Anchor for SQL to some other attribute in SQL-  we want to use column number as a new anchor.

My understanding is if we change anchor , it will generate a record in FIM for all the objects present.

Any suggestion or steps for changing anchor for SQL  without affecting current users in SQL / AD ?


AdiKumar


uniquenessvalidationxpath

February 19, 2016, 7:04 am
$
0
0

I have the validation rule that works fine when the user tries to change the current email address to another email address.

But if the current one is blank and they enter a duplicate one, the portal accepts the duplicate value. Please help.

<my:Property my:Name="UniquenessValidationXPath" my:Value="/Person[not(ObjectID='%ObjectID%') and ExternalEmail='%VALUE%']"/>

why samaccountname is randomly generated?

February 20, 2016, 3:35 am
$
0
0

hello

in group provisioning to active directory, why samaccountname is random? look below:

And my flow is like this

What is the best way to add manager (reference attribute) to MetaVerse entry in the following situation.

September 23, 2015, 11:56 pm
$
0
0

We have a SQL Table of users and their managers as main source to MetaVerse.

The table is provided by HR and gives the ids for all the INTERNAL users + managers.

However, some of the INTERNAL users may have EXTERNAL managers and these manager ids will not exist in the Sql table as "user ids".

In this case FIM will flow a null to manager field in the MetaVerse as it cannot find (dereference the external manger's id)

All is not lost, all managers should have AD accounts. The manager's id not in HR table can be found in AD 99 times out of 100.

What I want to know is the best strategy to fill in the MV manager attribute when null by getting it from AD. What confuses me is the manager being a 'reference' field. This fact may limit my options.

What if I wrote some C# import attribute flow rule for the HR MA, is it OK just to push the DN *string* of the manager found in AD into MV:manager attribute? If not what should this C# code do??

What is best way to cover this hole, I am sure we are not unique in this situation?

ECMA 2.0 Full Import Error Run Profile ( File based )

January 15, 2016, 6:29 pm
$
0
0

Hi All,

There is a error "Extension Could not be loaded" while creating the Full Import of file based  ECMA 2.0.

When refresh the interface, it shows the Management Agent support "Full Import".

Unable to create any of the Run Profile of the MA. Kindly suggest and advice.

Thanks & Regards,

Anirban Singha

ECMA v1 Full Import Hungs

January 14, 2016, 9:57 am
$
0
0

Hello. We have FIM 2012 R2 SP1 v 4.1.3646.0 installed

We are having a strange behavior with an ECMA 1.0 MA, in which the Full Import run profile gets into an infinite loop and consumes almost all the CPU. The FIM console does not show any updated numbers (and there should be) for the operation, as the CS is not getting populated, and after a long time in the “in-progress” state with no progresses we need to stop the run. Then, the console immediately shows the“stopped-user-termination-from-wmi-or-ui” state.

This MA works fine in ILM 2007, but not on FIM 2012 R2 (tested on several FIMs with same results).

This MA was initially configured for import and export. Then the FI (Staging only) run profile was created (along with several export profiles), and after that the MA was reconfigured to have interface for export only. That way, export are processed by the dll (call based) and the FI by FIM.

Any ideas? Thanks!!

FIM Portal - Multiple objects header sorting issue

January 12, 2016, 11:49 am
$
0
0

Hey all,

I have an issue I cant seem to figure out how to resolve.

I have a page in the portal I created called Phonebook

I have populated the search scope to return both Person Objects and a custom resource call contacts

The search works great, but when I try to sort the page by anything but display name (by clicking the header) it turns up blank with no results and I have to hit search again. Then I can sort it.

This also happens with just the custom object contacts page.

Any help you can give would be appreciated.

Thanks

Russ

Russell Lema

Search

Microsoft Identity Management 2016 Documentation

February 15, 2016, 8:07 am
$
0
0

Is there any plans to release documentation for Microsoft Identity Manager 2016, specifically the Certificate Management area?  The MIM 2010 / 2010 R2 guides are pretty good (not great) but I can't find much at all about MIM 2016 and what might be different.

Moreover, I finding quite a few references to '2010' and '2015' within MIM 2016 wizards and webpages.  I'm questioning the QA that went into it's release.  Is this really safe to use in an enterprise environment?

Bryan Berns

How to bring AD attribute to map in the Synchronization rule?

February 21, 2016, 9:58 pm
$
0
0

Hi,

I am trying to create a new synchronization in FIM Portal. I have defined one rule to map the attribute from source system into FIM. The second rule to map the attribute from FIM to AD. I am not getting the AD attribute to map in the destination.

How do I bring it to map it?

Thanks

Advanced import attribute flow for reference attribute "member" for "group" object

February 1, 2016, 9:30 pm
$
0
0

Hi Folks,

We have a scenario that when a group is created in AD with members in it, it should flow the members for the first time to metaverse and then to FIM Portal. After this, if members are added/removed in AD for the group these changes should not flow in to the metaverse and members in FIM Portal must override the changes done directly in AD. We thought we could achieve this with a rules extension but learnt that advanced flow rules for reference attributes is not allowed.

Any suggestions on how this can be achieved?

Any help would be appreciated.

Thanks,

Veena

Inbound Synchronization rule not applied

February 22, 2016, 4:49 am
$
0
0

Hi,

I'm running FIM 2010 R2 in a testing environment to test the following situation: I want to join existing user accounts in AD with employee data from the HR system. Relationship criteria should be the AD attribute EmployeeNumber which corresponds to the EmployeeNumber in the HR system. Therefore I added the attribute EmployeeNumber in the schema of the metaverse and the portal.

I configured a MA for SQL (HR System) and for AD and for the FIM portal. In the FIM portal I configured an inbound synchronization rule for SQL with the setting "Create Resource in FIM" enabled. That part works fine, the users are imported and synchronized to the metaverse and also synchronized to the portal and the attribute EmployeeNumber is populated.

I also configured an inbound synchronization rule for the AD MA. Here I configured "Create Resource in FIM" disabled, since I don't want accounts from users that don't exist in the HR database to be synchronized to FIM. I configured EmployeeNumber in the inbound attribute flow. I can see that the Synchronization rule is projected to the metaverse, but it isn't executed. When I search the connector space of the AD connector, I can see that all user accounts are imported to the connector space with the following attributes:

displayName, name, objectSID, pwdLastSet,sAMAccountName and UserAccountControl. None of them are configured in the Synchronization Rule. The attributes configured in the Synchronization rule however are NOT synchronized, so I conclude that the Synchronization rule isn't executed at all.

What am I doing wrong?

Kind regards,

Klaus

Request gets split when group is exported to FIM Portal from AD.

February 21, 2016, 9:43 pm
$
0
0

Hi All,

I notice something weird and want to understand the reason for this.

We created a new attribute in MV schema as well as FIM Portal schema for group object and defined an export attribute flow for it in FIM.Service MA. Now when a group is created in AD and then exported to Portal, all the other group attribute flow configured in the MA are going via a single request in portal but for the new attribute flow defined, Portal is creating another request. Any idea why? I have not configured the attribute flow for this new attribute in a special way/different way. Its a direct mapping from AD to MV to Portal.

Can someone help me here.

Thanks in Advance

Veena

Viewing all 7443 articles
Browse latest View live
Search