Dears,
Is it possible to create 1-way Sync and 2-way Sync between MIM and other Systems!!
And Can I configure one place or location to be the main location to modify changes -assuming I have email/HR/ERP systems-
↧
Creating 1-way Sync and 2-way Sync between MIM and other Systems!!
↧
Does FIM/MIM installation require AD DS Schema extending ?
Dears,
Does FIM/MIM installation require AD DS Schema extending ?
↧
↧
What are the differences between Join and Projection Rules in FIM/MIM?
Dears,
What are the differences between Join and Projection Rules in FIM/MIM?
↧
Does FIM/MIM have SSO solution and is there any relationship with ADFS?
Dears,
Does FIM/MIM have SSO solution and is there any relationship with ADFS?
↧
Register Portal error: The current user account is not recognized by Forefront Identity Manager. Please contact your help desk or system administrator. (Error 3003)
hello
using register portal with a user show error '
The current user account is not recognized by Forefront Identity Manager. Please contact your help desk or system administrator. (Error 3003) '
after that i went to this link:
that expert says make sure samaccountname, domain exist in portal. i can see the user is in portal and active directory. do i need to have both inbound/outbound sync rule for ad to fim? because at the moment, there is outbound rule from fim to AD. i suspect that portal does not have sid of the user in active directory and the reason is there is no inbound rule from AD to fim portal.
any ideas?
↧
↧
Configure FIM delegation using FIM portal!
Dears,
How to configure FIM delegation using FIM portal!
↧
Where is the Password Registration URL stored/generated from the Portal Home page?
Trying to use/understand this FIM Password Registration and Reset feature.
I have followed the FIM/MIN install guide from the article: https://technet.microsoft.com/en-us/library/mt219040.aspx
The FIMServer hostname I am using is MIMONE and its FQN is mimone.mimtest.local
I followed to the letter the install guide above.
To get the Password registration and reset feature to work, I had to edit the web.config files so the base address is in each case
http://mimone:5725 (the install process seemed to add an extra "http")
Ok.
I can access the Registration page fine, IF I enter the URL: http://mimone:8080
The Reset works as well IF I enter the URL http://mimone:8088
BUT... From the Portal Home page, if I click on the Register for password reset link, it generates the URL: http://mimone.mimtest.local:8080 (which is what the install guide advised) which gives me a bad request invalid hostname error.
Hovering over the link shows it as Javascript:PwdRegister();
How do I fix this JS to send requests for Password Registration to: http://mimone:8080 and not mimone.mimtest.local:8080 ?
↧
what is Breadcrumbing in FIM/MIM?
Dears,
what is Breadcrumbing in FIM/MIM?
↧
Synchronize User and Distribution List between forests and convert user object to contact objects
Hello,
I am not an expert with FIM/MIM Synchronization. And I want to know if the following is possible with the Synchronization Service and what tools we have to use additional
Currently:
We have three forests: User forest and two Resource Forests (all trusted). Today we have a synchronization and provisioning of new users (from one OU) from the account forest to the Resource Forest1 in place. Works great with the MRE from S.Granfeldt
Our Plan:
Now, "ALL" the users from the Account Forest must be synchronized to an additional Resource Forest 2. The Distribution lists must be synchronized also and the users, which are synchronized (in a former step) to Resource Forest 1, must be appear
as contacts in Resource Forest 2. I assume that it is not possible to convert a user object to a contact object, therefore the users must be new-created as contact objects in the Resource Forest 2. We want to have all the users shown up in the GAL
I just want to get a feeling of what is the best way to manifacture this. And what extensions (eg. MRE or the PowerShell MA) we have to investigate and to play with to let this work. We don't have the FIM Service. We have only the Synchronization Service
and our development must be codeless (except PowerShell)
Thanks
Klaus
↧
↧
Mailbox De-Provisioning VIA FIM 2010
There's a requirement for disabling the mailbox only for few users, there's not any specific attribute for doing this like UAC. Can anyone help me in understanding and if there's some custom way of doing it then can anyone put some light on that too?
Regards,
Manuj Khurana
↧
AD Replication via FIM
There is a requirement for synchronizing a fresh new AD with an old AD taking the old AD as the source for all the objects. The requirement is to have all the information & data to be pulled from one AD and provisioned to the new AD but with FIM. Can
anyone help me in this in the optimised way possible.
Regards,
Manuj Khurana
↧
Adding New fields in the "New User" form in FIM Portal?!
Dears,
I want to Add new fields in the "New User" form in FIM Portal?!
For example I need to add ID number, passport number and other options for the users, so how can I acheive this?
Thanks
Regards
↧
State or Province missing from FIM Portal?
On the FIM portal, many aspects of contact info are represented. These include Address, City, Postal Code and more. One that is conspicuously missing is State – like CA or WA or NY. It’s just not there. I cannot see how this isn’t an issue for folks, but I have found nothing about it. I see the State attribute in the Metaverse and also in the FIM Portal Attributes, but it is not represented in the Portal GUI anywhere that I can see.
A second issue is Country/Region. I don’t see how this is mapped. I have found the Country attribute in the FIM Portal Attributes, but it seems to have no relation to the GUI. The pull-down doesn’t set it and the pull-down is not set by it.
↧
↧
ECMA Agent Configuration too large for Portal/Service ma-data object
Hi,
We have an agent implemented in ECMA 2.3. The agent has 9 Object Types. Each object type has a large number of attributes (the total number of attributes is 130).
We've had no problems with the agent until now when we added some more Object Types (and more attributes). The agent imports fine in the FIM Sync Engine, but we get the errors listed below when FIM tries to update the ma-data config object for the agent in the FIM Service/Portal.
Unfortunately I think we've hit some limit on the size of the agent configuration in the ma-data object (one attribute value becomes too large "String or binary data would be truncated"). The attributes in the ma-data resource should probably all be unindexed strings, but they are not :(
I guess we're the first to use this many attributes in an agent. Has anyone else run into this aswell?
Event Log:
A update on the configuration of a MA or MV failed to replicate to a target connector directory that is capable of storing MA/MV configurations. As a result, the MA/MV configuration data in this connector directory is not up to date. Please
correct the condition that causes the error, and triggers a resync by updating the password information of the target MA.
Error 1:
Additional information:
Error Code: 0x80230020
Error Message: (Management agent encountered an error exporting to the connected directory.)
Operation: Create MA
Name of the MA to replicate: LargeAgentName
Guid of the MA to replicate: {17380C64-973F-499D-9DA3-94EAA59BD089}
Name of the target MA: FIMMA
Guid of the target MA: {BE7E9C7E-AB08-44FF-974C-02A79CE61833}
Error 2:
Microsoft.ResourceManagement.Service: Microsoft.ResourceManagement.WebServices.Exceptions.UnwillingToPerformException: Other ---> System.Data.SqlClient.SqlException: Reraised Error 50000, Level 16, State 1, Procedure ReRaiseException, Line 37, Message: Reraised Error 50000, Level 16, State 1, Procedure ReRaiseException, Line 37, Message: Reraised Error 8152, Level 16, State 10, Procedure GenerateRequestOutput, Line 505, Message: String or binary data would be truncated.at System.Data.SqlClient.SqlConnection.OnError(SqlException exception, Boolean breakConnection, Action`1 wrapCloseInAction)
at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj, Boolean callerHasConnectionLock, Boolean asyncClose)
at System.Data.SqlClient.TdsParser.TryRun(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj, Boolean& dataReady)
at System.Data.SqlClient.SqlCommand.FinishExecuteReader(SqlDataReader ds, RunBehavior runBehavior, String resetOptionsString)
at System.Data.SqlClient.SqlCommand.RunExecuteReaderTds(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, Boolean async, Int32 timeout, Task& task, Boolean asyncWrite, SqlDataReader ds)
at System.Data.SqlClient.SqlCommand.RunExecuteReader(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, String method, TaskCompletionSource`1 completion, Int32 timeout, Task& task, Boolean asyncWrite)
at System.Data.SqlClient.SqlCommand.InternalExecuteNonQuery(TaskCompletionSource`1 completion, String methodName, Boolean sendToPipe, Int32 timeout, Boolean asyncWrite)
at System.Data.SqlClient.SqlCommand.ExecuteNonQuery()
at Microsoft.ResourceManagement.Data.DataAccess.DoRequestCreation(RequestType request, Guid cause, Guid requestMarker, Boolean doEvaluation, Int16 serviceId, Int16 servicePartitionId)
--- End of inner exception stack trace ---
at Microsoft.ResourceManagement.WebServices.RequestDispatcher.CreateRequest(UniqueIdentifier requestor, UniqueIdentifier targetIdentifier, OperationType operation, String businessJustification, List`1 requestParameters, CultureInfo locale, Boolean isChildRequest, Guid cause, Boolean doEvaluation, Nullable`1 serviceId, Nullable`1 servicePartitionId, UniqueId messageIdentifier, UniqueIdentifier requestContextIdentifier, Boolean maintenanceMode)
at MIIS.ManagementAgent.Configuration.SynchronizationConfigurationManager.CreateSynchronizationConfigurationObject(SynchronizationConfigurationObjectType objectType, SyncConfigObject synchronizationConfigurationObject)
at MIIS.ManagementAgent.Configuration.SynchronizationConfigurationManager.ProcessDescription(SynchronizationConfigurationObjectType objectType, String managementAgentDescription, Boolean update)
at MIIS.ManagementAgent.RavenMA.DoUpdateSynchronizationConfigurationObject(String identifier, MASyncConfigOp operation, String description)
↧
FIM email notification - digitally signed
Is there any way we can digitally sign the email sent out by FIM service? We are going use FIM to send out password expiry notification and we would like to digitally sign the emails. Thanks.
↧
Attibute update from connector space to Metaverse not happening
Hi All,
I am new to FIM. I have created a custom MA which has both export and import flow with all mapping of attributes being 'Direct'. I have a updated value in one of the attributes which comes in the connector space but even after running 'Full Sync' does not go further to Metaverse. I have tried this with other attributes but same issue. No error while running the profiles.
Please suggest where should i look up next.
-GD
↧
MIM 2016 On Server 2012 R2 - Does the QuickStart Tool not work?
I have MIM up and running and was hopping to use the quickstart module tool to get SSPR going but I am having an issue.
Firstly, I cannot find any documentation relating to MIM2k16/QuickStart tool, but I did notice that it does exist in the installation directory, so I figured I'd give it a go.
When I run Import-Module QuickStart, I get the StrongName error as mentioned in the FIM2010 Documentation for the tool. I have added the registry entries as the 2010 documentation recommends, and restarted, but I continue to get the StrongName error.
I was wondering if anyone else has tried to run this tool on MIM 2016/Server 2012R2? Or, if anyone has gotten this error and resolved it?
Here is the error that I get:
Thanks for any assistance!
↧
↧
display name is not flowed from MV to FIM portal
hi
i am going through provision users from AD to fim portal. after running the profiles, user is imported in metaverse and connector space, but after running export, user displayname,accountname is not flowed. because when i look at the user in fim portal, he does not have displayname and samaccountname.
this picture is how it looks like:
and these is my attribute flow from FIM MA:
why is happening. user in metaverse has all attributes but after export to fim, some attributes are empty.
merci beaucope
↧
Is it possible to Sync Lockout Settings from FIM portal to other Systems!
Dears,
Suppose I want to configure the lockout settings using FIM portal, is it possible to sync it with other systems like HR, ERP.
↧
FIM Portal Lockout settings and AD Group policy lockout settings!
Dears,
The AD lockout settings and the FIM portal settings are same? can they be synced? if not can we sync them? and do they make any issues if I have a conflict between FIM lockout and A lockout?
Thanks
Regards
↧