Quantcast
Channel: Microsoft Identity Manager forum
Viewing all 7443 articles
Browse latest View live

Export to CSV

January 27, 2017, 3:15 am
$
0
0
Sync data with our new oracle HR system via CSV files. The oracle admins have provided an export in CSV which I have successfully imported into MIM and then exported to AD.

However the issue now is to create an Extract to CSV with changes to user accounts in AD. The changes successfully sync back to MV. But I cannot seem create a CSV using the "delimited file MA". I have tried the Outbound Sync Rule method with a MRP and workflow. An ERE is added to the user account you can see the relevant objects imported when you do a MIMMA import. However when you export using the inbuilt "Delimiter File" MA nothing happens and the CSV (one specified in the Export run profile) file is empty.

Search

MIM 2016 SP1 with PAM and Skype for Business RBAC

February 3, 2017, 6:04 am
$
0
0

Hi, 

I can't seem to find any information regarding delegating access (RBAC) to Skype for Business across a forest trust ("bastion forest"). Have anyone of you tried this and succeeded? 

Just creating a PAM group of the CsAdministrator group does not work (the group membership is listed by whoami /groups as expected when logged on) and I don't see an equivalent of Microsoft Exchange's "LinkedForeignGroup". 

Any tips, thoughts or ideas?

Andreas


Are there any C# MA extension rule 'connector filter' examples in Technet?

February 3, 2017, 6:12 am
$
0
0

We need to build somehow a connector filter rule to filter on a Date attribute.

The oob basic criteria option has things like Ispresent, Startswith Equals and so on. Nothing like IsAfter IsBefore.

I understand we need write code in the FilterforDisconnection Method... but where is an example? Hunted all over with Google and Bing but no luck.

Has anyone an example I can use as a basepoint?

how to provision "departement" information from HR to FIM Portal to AD

February 3, 2017, 7:09 am
$
0
0

Hi,

i need your help to configure/synchronize specific information from HR to FIM Portal, then to AD attribute: the specific information which we need to upload it in AD (in departement attribute) is "the Residence" from HR DB.

We configured already the synchronization rules  as described below,and  the attribute flow which configured on AD MA and HR MA.

  1. HR to FIM Portal synchronization rule

 

 2. FIM to AD synchronization rule:


 The attribute flow are configured as below (on AD Management agent and HR Management agent):

 

ADMA:

 


 

 

 

 

HR HR MA:

iff

i

 


LDAP query to Xpath filter

February 3, 2017, 12:44 pm
$
0
0

We are doing a conversion from a system that uses LDAP queries for setting dynamic groups, is there a way to convert these queries into Xpath filters easily, or do I have to do it manually for the groups?

I know that the languages have similarities, but have yet to find a way to easily do it for the 7000 groups I am converting

Russell Lema

Using Active Directory for public services

January 21, 2017, 3:58 pm
$
0
0

I know not traditional that using on-premise active directory (Local AD) for public services, but I don't have alternative that has AD's features. For example many software that integrated with AD.

I want know active directory is good choice for using as authentication/authorization/account solution in a website? (For public services)

Note: I don't give permission to public users that they can access directly to AD. It is possible use the ADFS between AD and public users.

MPR behavior with changing sets

February 6, 2017, 2:53 am
$
0
0

Hello!

Can somebody explain some MPR logics?

I have MRP (Transition In) + Workflow for AD provisioning users. They are using sync rule with Initial flow for password generation for users and emails to manager with account information. I’m using a set with static defined user set (with employeeID numbers)

 

As I understand if I make “Disable” and “Enable” at MPR I will get reapplied MPR, right? Moreover, all my users will receive new passwords and managers will receive emails. This is not acceptable, because system is going to production.

I need to change my test static set to “All People” production set, how it can be safely done? Thanks!

1

MIM 2016 SP1 and FIM 2010 Granfeldt Workflow Activity Library - Couldn't compile Compile Error: CS2032 in Ln 0 Col 0-Character

February 6, 2017, 5:03 am
$
0
0

So, we are running a C# code with MIM 2016 SP1 using FIM 2010 Granfeldt Workflow Activity Library.

The code itself should work because it works with FIM 2010 R2 and also FIM 2010 R2 updated to MIM 2016 (not SP1).

Are there any known compatibility issues between MIM 2016 SP1 and FIM 2010 Granfeldt Workflow Activity Library?

See the error messsages:

PostProcessingError:
Couldn't compile Compile Error: CS2032 in Ln 0 Col 0-Character '

Evet Viewer:
System.Exception: Couldn't compile
Compile Error: CS2032 in Ln 0 Col 0-Character '

   at Granfeldt.FIM.ActivityLibrary.CodeRunActivity.CompileCode_ExecuteCode(Object sender, EventArgs e)
   at System.Workflow.ComponentModel.Activity.RaiseEvent(DependencyProperty dependencyEvent, Object sender, EventArgs e)
   at System.Workflow.Activities.CodeActivity.Execute(ActivityExecutionContext executionContext)
   at System.Workflow.ComponentModel.ActivityExecutor`1.Execute(T activity, ActivityExecutionContext executionContext)
   at System.Workflow.ComponentModel.ActivityExecutor`1.Execute(Activity activity, ActivityExecutionContext executionContext)
   at System.Workflow.ComponentModel.ActivityExecutorOperation.Run(IWorkflowCoreRuntime workflowCoreRuntime)
   at System.Workflow.Runtime.Scheduler.Run()



Search

Group Creation RCDC change - Lost Membership Type Radio Buttons

February 6, 2017, 11:42 am
$
0
0

Hello,

I was attempting to add a basic text box, bound to an attribute I've mapped to the Group objects ("groupType"), to the group creation RCDC.  All I did was copy the existing Description control, paste that under the Description control and change the "description" values in the new control node to my new attribute "groupType".  But, when I imported the new RCDC, my new control showed up in the RCDC, like I expected, but the MembershipType control disappeared. I went back to the original RCDC (I exported and saved it off before I started changing it).  My "groupType" attribute is gone, as I expected, but so is the MembershipType control. So, I'm stuck. I don't know what to do to get those three radio buttons back. I've restarted IIS, rebooted the MIM server, and still no membership type control on the RCDC.

Any ideas?

Greg

Avoid Null Value to be synced to AD

June 22, 2018, 12:40 am
$
0
0

Dear All,

We have created logic for group (Dynamic/Static).

When we are trying to export attributes to AD. null values always shows in Export. So how can we avoid it.

Note: Not enabled Allow null values

Need Your Help!

Thanks,

Shashidhar


MIM2016SP1 Service and Portal Install Error

June 1, 2018, 11:21 am
$
0
0

I have been pulling my hair out with this for some time now. I have been searching only through various TechNet posts and a handful of other sites and i have yet to be able to get a successful install of the MIM2016 service. 

My lab environment includes:

Server 2016 DC

Server 2016 MIM server (SQL2016, Sharepoint2016)

Server 2012R2 MIM server (SQL2014, Sharepoint2013SP1) tried this since i couldn't get it to install on the 2016 server

Server 2012R2 Exchange Server with 2013Sp1 installed

Errors in log file

Lots of these but they seem to be in any copy of the ISO that i download so i assume this is normal

DEBUG: Error 2826:  Control ckboxUseSSL on dialog ExchAndCertificateDlg extends beyond the boundaries of the dialog to the right by 15 pixels
The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2826. The arguments are: ExchAndCertificateDlg, ckboxUseSSL, to the right

DEBUG: Error 2769:  Custom Action ValidateSyncAccount did not close 1 MSIHANDLEs.
The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2769. The arguments are: ValidateSyncAccount, 1, 
Action ended 13:31:34: ValidateSyncAccount. Return value 1.

This seems to be the fatal error the installer experiences:

CAQuietExec:  
CAQuietExec:  URL reservation delete failed, Error: 2
CAQuietExec:  The system cannot find the file specified.
CAQuietExec:  
CAQuietExec:  
CAQuietExec:  Error 0x80070001: Command line returned an error.
CAQuietExec:  Error 0x80070001: CAQuietExec Failed
CustomAction DeleteResourceEndpointAcl returned actual error code 1603 but will be translated to success due to continue marking
MSI (s) (C4:EC) [13:32:14:893]: Executing op: ActionStart(Name=RollbackAclResourceEndpoint,,)

Also this error is listed:

CustomAction AddServiceToPerformanceMonitors returned actual error code 1603 (note this may not be 100% accurate if translation happened inside sandbox)
06/01/2018 13:32:27.827 [5828]: Assembly Install: Failing with hr=80070005 at RemoveDirectoryAndChildren, line 393

And then the final summery

=== Logging stopped: 6/1/2018  13:34:40 ===
MSI (c) (E8:5C) [13:34:40:353]: Note: 1: 1708 
MSI (c) (E8:5C) [13:34:40:353]: Product: Microsoft Identity Manager Service and Portal -- Installation failed.

MSI (c) (E8:5C) [13:34:40:354]: Windows Installer installed the product. Product Name: Microsoft Identity Manager Service and Portal. Product Version: 4.4.1302.0. Product Language: 1033. Manufacturer: Microsoft Corporation. Installation success or error status: 1603.

MSI (c) (E8:5C) [13:34:40:358]: Grabbed execution mutex.
MSI (c) (E8:5C) [13:34:40:358]: Cleaning up uninstalled install packages, if any exist
MSI (c) (E8:5C) [13:34:40:359]: MainEngineThread is returning 1603
=== Verbose logging stopped: 6/1/2018  13:34:40 ===

I've searched and searched for any information on these but i haven't been able to really find much information on it so any help would be greatly appreciated. 


 

Physical to Virtual Migration of FIM server

June 25, 2018, 12:50 pm
$
0
0

Hi,

I have a FIM physical server , that is going to migrate soon.

May I know what all thing need to be taken care before and after migration ?

Any help is much appreciated.

stopped-extension-dll-exception

June 27, 2018, 4:56 am
$
0
0

Dear All,

when I am trying to run Export Profile Getting stopped-extension-dll-exception status.


Accounts are being created as Disabled in Active Directory even with 512 in user control account value

June 26, 2018, 11:36 pm
$
0
0

Hi All,

Greetings! I am facing this issues since from last three days. All of my accounts that are being provisioned from MIM to Active Directory are created as disabled accounts in Active Directory. Even I am passing 512 to UserControlAccount attribute. 

Below are the stats of AD MA Export for one record. Now when I see in AD, this account is marked as disabled.

Kindly help me and guide me in this regard.



F.

exporting null value to AD Accountexpires

June 27, 2018, 12:48 am
$
0
0

Dear All,

I am trying to delete existing accountexpires value. using following c# script but no luck

long iFileTime = 9223372036854775807;
                    if (mventry["employeeEndDate"].ToString() != null)
                    {
                        DateTime dtFileTime = DateTime.ParseExact(mventry["employeeEndDate"].Value, "yyyy'-'MM'-'dd'T'HH':'mm':'ss'.000'", provider);

                        csentry["accountExpires"].IntegerValue = dtFileTime.ToFileTimeUtc();
                    }
                    else
                    {
                        csentry["accountExpires"].IntegerValue = iFileTime;
                    }

Need Your Help!

Thanks,

Shashidhar

Search

Who will be announced as the next FIM Guru? Read more about May 2018 competition!!

April 30, 2018, 7:42 pm
$
0
0

What is TechNet Guru Competition?

Each month the TechNet Wiki council organizes a contest of the best articles posted that month. This is your chance to be announced as MICROSOFT TECHNOLOGY GURU OF THE MONTH!

One winner in each category will be selected each month for glory and adoration by the MSDN/TechNet Ninjas and community as a whole. Winners will be announced in dedicated blog post that will be published in Microsoft Wiki Ninjas blog, a tweet from the Wiki Ninjas Twitter account, links will be published at Microsoft TNWiki group on Facebook, and other acknowledgement from the community will follow.

Some of our biggest community voices and many MVPs have passed through these halls on their way to fame and fortune.

If you have already made a contribution in the forums or gallery or you published a nice blog, then you can simply convert it into a shared wiki article, reference the original post, and register the article for the TechNet Guru Competition. The articles must be written in May 2018 and must be in English. However, the original blog or forum content can be from before May 2018.

Come and see who is making waves in all your favorite technologies. Maybe it will be you!

Who can join the Competition?

Anyone who has basic knowledge and the desire to share the knowledge is welcome. Articles can appeal to beginners or discusse advanced topics. All you have to do is to add your article to TechNet Wiki from your own specialty category.

How can you win?

  1. Please copy/Write over your Microsoft technical solutions and revelations to TechNetWiki.
  2. Add a link to your new article on THIS WIKI COMPETITION PAGE (so we know you've contributed)
  3. (Optional but recommended) Add a link to your article at the TechNetWiki group on Facebook. The group is very active and people love to help, you can get feedback and even direct improvements in the article before the contest starts.

Do you have any question or want more information?

Feel free to ask any questions below, or Join us at the official MicrosoftTechNet Wiki groups on facebook. Read Moreabout TechNet Guru Awards.

If you win, people will sing your praises online and your name will be raised as Guru of the Month.

PS: Above top banner came from Kamlesh Kumar.

Thanks in advance!
Ninja [Kamlesh KumarTechNet Wiki Council

Who will be announced as the next FIM Guru? Read more about July 2018 competition!!

July 1, 2018, 12:45 am
$
0
0


What is TechNet Guru Competition?

Each month the TechNet Wiki council organizes a contest of the best articles posted that month. This is your chance to be announced as MICROSOFT TECHNOLOGY GURU OF THE MONTH!

One winner in each category will be selected each month for glory and adoration by the MSDN/TechNet Ninjas and community as a whole. Winners will be announced in dedicated blog post that will be published in Microsoft Wiki Ninjas blog, a tweet from the Wiki Ninjas Twitter account, links will be published at Microsoft TNWiki group on Facebook, and other acknowledgement from the community will follow.

Some of our biggest community voices and many MVPs have passed through these halls on their way to fame and fortune.

If you have already made a contribution in the forums or gallery or you published a nice blog, then you can simply convert it into a shared wiki article, reference the original post, and register the article for the TechNet Guru Competition. The articles must be written in July 2018 and must be in English. However, the original blog or forum content can be from before July 2018.

Come and see who is making waves in all your favorite technologies. Maybe it will be you!

Who can join the Competition?

Anyone who has basic knowledge and the desire to share the knowledge is welcome. Articles can appeal to beginners or discusse advanced topics. All you have to do is to add your article to TechNet Wiki from your own specialty category.

How can you win?

  1. Please copy/Write over your Microsoft technical solutions and revelations to TechNetWiki.
  2. Add a link to your new article on THIS WIKI COMPETITION PAGE (so we know you've contributed)
  3. (Optional but recommended) Add a link to your article at the TechNetWiki group on Facebook. The group is very active and people love to help, you can get feedback and even direct improvements in the article before the contest starts.

Do you have any question or want more information?

Feel free to ask any questions below, or Join us at the official MicrosoftTechNet Wiki groups on facebook. Read Moreabout TechNet Guru Awards.

If you win, people will sing your praises online and your name will be raised as Guru of the Month.

PS: Above top banner came from Vimal Kalathil.

Thanks in advance!
Ninja [Kamlesh KumarTechNet Wiki Council

Thanks,
Kamlesh Kumar

If my reply is helpful please mark as Answeror vote as Helpful.

My blog | Twitter | LinkedIn

This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.


MIM 2016 portal installation error under SharePoint 2013 and SQL 2016

July 3, 2018, 1:46 am
$
0
0

I'm trying to deploy MIM 2016 in a test environment. I have deployed Sharepoint 2013 SP1 and SQL 2016 Enterprise. Trying to install MIM Service and Portal but I'm getting error "the feature you have selected have the following prerequisites. Refer to the installation guide for more information. Please update your machine and retry the installation. -Sharepoint"

Can anyone help me out?

Changing HRDB Table

July 2, 2018, 11:06 pm
$
0
0

Dear Team,

Testing purpose we have created SQLMA with Test Table. Now we would like to change it to production SQL view.

How to change and does it affect SQLMA?

Thanks,

Shashidhar

failed-modification-via-web-services

January 3, 2018, 3:52 am
$
0
0

Hi there,

I've read the threads on this but still need help.

I'm setting sup MIM 2016 SP1 (which is absolutely not my forte) and have run into the this problem when running the Export on the MIM MA.

It seems to be the one detailed in https://social.technet.microsoft.com/wiki/contents/articles/17242.fim-troubleshooting-failed-creation-via-web-services-invalidrepresentationexception-valueviolatesuniqueness.aspx, which suggests creating an Import Attrib Flow for domain --> domain but I can't see how to do that... I don't get the option under Mgmt Agent/Properties/Configure Attribute Flow.

The MIM server was set up according to the instructions at 

https://docs.microsoft.com/en-us/microsoft-identity-manager/microsoft-identity-manager-deploy

Full text of the error is below. Thanks in advance for any assistance.

Fault Reason: The endpoint could not dispatch the request.\r\n\r\nFault Details: <DispatchRequestFailures xmlns="http://schemas.microsoft.com/2006/11/ResourceManagement" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><DispatchRequestAdministratorDetails><FailureMessage>Exception: Other 
Stack Trace: Microsoft.ResourceManagement.WebServices.Exceptions.UnwillingToPerformException: Other ---&gt; System.Data.SqlClient.SqlException: Procedure or function 'GetDomainConfigurationIdentifiersFromDomain' expects parameter '@domainName', which was not supplied.
   at Microsoft.ResourceManagement.Utilities.ExceptionManager.ThrowException(Exception exception)
   at Microsoft.ResourceManagement.Data.Exception.DataAccessExceptionManager.ThrowException(SqlException innerException, TransactionAndConnectionScope scope)
   at Microsoft.ResourceManagement.Data.DataAccess.GetDomainConfigurationIdentifiersFromDomain(String domainName)
   at Microsoft.ResourceManagement.ActionProcessor.DomainConfigurationActionProcessor.AddDomainConfigurationFromDomain(CreateRequestParameter domainNameParameter, RequestType request)
   at Microsoft.ResourceManagement.ActionProcessor.DomainConfigurationActionProcessor.DoRequestCreationPreProcessByAttribute(RequestType request)
   at Microsoft.ResourceManagement.ActionProcessor.ActionDispatcher.DoRequestCreationPreProcessByAttribute(RequestType request)
   at Microsoft.ResourceManagement.WebServices.RequestDispatcher.CreateRequest(UniqueIdentifier requestor, UniqueIdentifier targetIdentifier, OperationType operation, String businessJustification, List`1 requestParameters, CultureInfo locale, Boolean isChildRequest, Guid cause, Boolean doEvaluation, Nullable`1 serviceId, Nullable`1 servicePartitionId, UniqueId messageIdentifier, UniqueIdentifier requestContextIdentifier, Boolean maintenanceMode)
   at Microsoft.ResourceManagement.WebServices.ResourceManagementService.Put(Message request)
   --- End of inner exception stack trace ---</FailureMessage><DispatchRequestFailureSource>Other</DispatchRequestFailureSource><AdditionalTextDetails>Request could not be dispatched.</AdditionalTextDetails></DispatchRequestAdministratorDetails><CorrelationId>d70ac3fc-6a00-4c6d-b369-e481bebab642</CorrelationId></DispatchRequestFailures>

Viewing all 7443 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>