Channel: Microsoft Identity Manager forum

Another PAM Sample Portal problem

Hi, I installed the portal and it works fine on Windows Server 2012 R2, and at first also on a Windows 10 computer.

After a time the site is not loading any more. I get the message:
Oops! something went wrong. The ajax call failed, please contact your administrator.
Status code: 500.
Error: Internal Server Error.

What can be the problem?


GH


How do I make an attribute searchable in the Portal?

Hey experts,

I'd like to make the 'Description' attribute searchable in the portal.  How do I go about doing this?  The idea is I want to add keywords to the 'description' field that the end users would use to find the relevant Security Groups they are looking for.  For example, if they search for Slack all groups with keyword Slack (in description) would be returned.

Any guidance would be appreciated.  

Christian



Microsoft Identity Manager 2016

Dears,

I am to sync the user and password from one DC forest to a different DC forest. I chose the product MIM 2016. Can it be accomplished without the MIM Service and Portal, i.e. if I only install the MIM Synchronization Service, will it let me sync the user and password to a different DC forest? If the MIM Service and Portal are required, then I have to install SharePoint as well, which is a prerequisite for this.

FIM Service installation ended prematurely

Hi all,

I'm trying to install FIM 2010 R2. The sync service and portal are not a problem, but when I want to install the service, it fails. I fill in all the required information and press the "install" button. It starts installing, but when "copying new files" appears, the status bar stops around 90%, starts to roll back, and the installation fails.

I tried installing with verbose logging, which gives me the following (don't know if this has anything to do with it tbh):

---------------------------------------------------------------------------------------------

MSI (s) (34:54) [13:02:30:442]: Hello, I'm your 32bit Elevated custom action server.
CAQuietExec: 
CAQuietExec:  URL reservation delete failed, Error: 2
CAQuietExec:  The system cannot find the file specified.
CAQuietExec: 
CAQuietExec: 
CAQuietExec:  Error 0x80070001: Command line returned an error.
CAQuietExec:  Error 0x80070001: CAQuietExec Failed
CustomAction DeleteResourceEndpointAcl returned actual error code 1603 but will be translated to success due to continue marking

[....]

Calling custom action Microsoft.IdentityManagement.ServerCustomActions!Microsoft.IdentityManagement.ServerCustomActions.CustomActions.AddServiceToPerformanceMonitors
Adding FIMService account to 'Performance Monitor Users' group
Property name = 'ServiceAccount', value = 'XXXX\XXXX.
DomainName='XXXX'
AccountName='XXXX'
Domain AD found
Exception thrown by custom action:
System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.Runtime.InteropServices.COMException (0x800706AB): The network address is invalid.

---------------------------------------------------------------------------------------------

Any help is appreciated.


MCTS, MCPD


I have implemented a basic Approval Workflow using a Microsoft article, but I am still not able to see the workflow getting triggered

Hi All

I have implemented a basic Approval Workflow using a Microsoft article, but I am still not able to see the workflow triggered. I am not able to identify what exactly went wrong.

Thanks

Oops! Something went wrong. The ajax calls failed, please contact your administrator. Status code: 500. Error: Internal Server Error.

I'm quite sure it's a bug in MIM 2016 SP1. I don't know about MIM 2016 RTM.

Using the PowerShell cmdlet this way, the request fails:

  • Import-Module mimpam
  • $r = Get-PAMRoleForRequest -DisplayName "Enterprise Admins"
  • New-PAMRequest -Justification t1 -Role $r -Verbose

But using it this way, the request works just fine:

  • Import-Module mimpam
  • $r = Get-PAMRoleForRequest -DisplayName "Enterprise Admins"
  • New-PAMRequest -Justification t1 -Role $r -Verbose -RequestedTime (get-date).AddMilliseconds(3000)

Using the PAM-Portal to schedule the request for a minute later through the GUI also returns no error.

In my environment the REST API portal and the ACTIVATION PORTAL are separated.

So, do we really have a bug here?

There are a few posts already on the net regarding just that:
https://docs.microsoft.com/en-us/microsoft-identity-manager/reference/privileged-access-management-rest-api-service-details
https://social.technet.microsoft.com/Forums/en-US/2d20dbd9-16c2-4506-b6f8-a76376e7b3c7/mim2016-installing-pam-server?forum=ilm2
https://forums.iis.net/t/1228060.aspx?HTTP+Error+500+19+Internal+Server+Error+FIM+PAM+portal


GH



identity manager configuration

Dears, 

I have a Microsoft Identity Manager 2016 deployment to install and configure.

I installed SQL Server 2016 on a Windows Server 2016, and installed SharePoint 2016 and MIM 2016 on a separate server, Windows Server 2012 R2.

Now the installation was completed successfully, and I created the run-as profiles and the synchronization rules.

Users from AD are synced into the MIM portal.

I just need help with its configuration, as I couldn't find anything regarding that.

Installation is done, what is next?

The portal looks so heavy.

Can anyone share their knowledge of that product with me?

Your help is much appreciated.

Best regards

PowerShell MA: how do I get the changes to a multivalued reference attribute during export?

I'm trying to connect MIM 2016 SP1 to a 3rd party application by using the PowerShell MA. I've successfully gotten it to import the existing list of users and groups in the app and join them to the metaverse as well as export a new user from MIM to the app. However, now I'm trying to build the export for groups and I'm not sure how to proceed. I have the metaverse group member attribute set to flow to the PowerShell group member attribute. When the membership of the group changes in MIM, an export is staged. In the synchronization service GUI I can see that it's going to send the new member as an "add" change, and that's confirmed by looking at the export log.

The problem is that my PowerShell script never sees the change. What I mean is that during the export the CSEntryChange object has the right ID for the group that needs to be changed and the modification type is set to Update but the AttributeChanges and the ChangedAttributeNames collections are both empty. So where do I get the membership change from? I've tried changing the MA parameters from AttributeUpdate to AttributeReplace with no change in behavior.

I figure I must be missing something simple, but I'm not sure what. I've been searching for a couple days now with nothing that really points me in the right direction. Any help anyone can provide is greatly appreciated. Thanks!


Duplicate entries in Metaverse

Dear All,

We have around 237 duplicate user account entries in the MV. How can we delete these entries from the Metaverse? These users are already available in AD and the MIM portal.

MIMMA, trying to create these accounts in the MIM Portal, is getting an ObjectSID uniqueness issue.

Need your help.

Thanks,

Shashidhar

Script to list all members of a criteria set or group in FIM

Does anyone have a PowerShell script that lists all members, e.g. to a text file, of a criteria set or group in FIM?

Deleting object from Metaverse

I had an object in FIM and in Metaverse. I deleted the object from FIM when the Object Deletion Rule was not configured. Now even after configuring the deletion rule, the object is still there in the Metaverse. How can I delete the object from the Metaverse?

Duplicate user objects created in FIM metaverse

I have a FIM 2010 RTM setup. All FIM roles with the SQL DB are installed on a single m/c. MAs are configured for AD & FIM. Everything was working fine. First I imported users from AD to the FIM portal, then I started with groups. Then I configured an outbound sync rule for groups to update only members in AD.

For the last few days I have been facing the following errors while doing FIM MA export/import.

FIM MA Import

exported-change-not-reimported

FIM MA Export Error

1) dn-attributes-failure

Fault Reason: The endpoint could not dispatch the request.

Fault Details: <DispatchRequestFailures xmlns="http://schemas.microsoft.com/2006/11/ResourceManagement" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><DispatchRequestAdministratorDetails><FailureMessage>Request could not be dispatched.

Exception: Other
Stack Trace: Microsoft.ResourceManagement.WebServices.Exceptions.UnwillingToPerformException: Other ---> System.Data.SqlClient.SqlException: Reraised Error 50000, Level 16, State 1, Procedure ReRaiseException, Line 31, Message: Reraised Error 50000, Level 16, State 1, Procedure ReRaiseException, Line 31, Message: Reraised Error 8114, Level 16, State 5, Procedure GenerateRequestOutput, Line 363, Message: Error converting data type nvarchar to bigint.
   at System.Data.SqlClient.SqlConnection.OnError(SqlException exception, Boolean breakConnection)
   at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj)
   at System.Data.SqlClient.TdsParser.Run(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj)
   at System.Data.SqlClient.SqlDataReader.ConsumeMetaData()
   at System.Data.SqlClient.SqlDataReader.get_MetaData()
   at System.Data.SqlClient.SqlCommand.FinishExecuteReader(SqlDataReader ds, RunBehavior runBehavior, String resetOptionsString)
   at System.Data.SqlClient.SqlCommand.RunExecuteReaderTds(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, Boolean async)
   at System.Data.SqlClient.SqlCommand.RunExecuteReader(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, String method, DbAsyncResult result)
   at System.Data.SqlClient.SqlCommand.RunExecuteReader(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, String method)
   at System.Data.SqlClient.SqlCommand.ExecuteReader(CommandBehavior behavior, String method)
   at System.Data.SqlClient.SqlCommand.ExecuteReader()
   at Microsoft.ResourceManagement.Data.DataAccess.DoRequestCreation(RequestType request, Guid cause, Guid requestMarker, Boolean doEvaluation, Int16 serviceId, Int16 servicePartitionId)
   --- End of inner exception stack trace ---
   at Microsoft.ResourceManagement.WebServices.RequestDispatcher.CreateRequest(CreateRequestDispatchParameter dispatchParameter)
   at Microsoft.ResourceManagement.WebServices.RequestDispatcher.CreateRequest(UniqueIdentifier requestor, UniqueIdentifier targetIdentifier, OperationType operation, String businessJustification, List`1 requestParameters, CultureInfo locale, Boolean isChildRequest, Guid cause, Boolean doEvaluation, Nullable`1 serviceId, Nullable`1 servicePartitionId)
   at Microsoft.ResourceManagement.WebServices.RequestDispatcher.CreateRequest(UniqueIdentifier requestor, UniqueIdentifier targetIdentifier, OperationType operation, String businessJustification, List`1 requestParameters, CultureInfo locale, Boolean isChildRequest, Guid cause, Boolean doEvaluation)
   at Microsoft.ResourceManagement.WebServices.ResourceManagementService.Put(Message request)</FailureMessage><DispatchRequestFailureSource>Other</DispatchRequestFailureSource></DispatchRequestAdministratorDetails></DispatchRequestFailures>

2) failed-modification-via-web-services
Fault Reason: The request message contains errors that prevent processing the request.

Fault Details: <RepresentationFailures xmlns="http://schemas.microsoft.com/2006/11/ResourceManagement" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><AttributeRepresentationFailure><AttributeType>AccountName</AttributeType><AttributeValue></AttributeValue><FailureMessage>The specified attribute value must be unique for this Resource Type.</FailureMessage><AttributeFailureCode>ValueViolatesUniqueness</AttributeFailureCode></AttributeRepresentationFailure></RepresentationFailures>

3) failed-creation-via-web-services
Fault Reason: The request message contains errors that prevent processing the request.

Fault Details: <RepresentationFailures xmlns="http://schemas.microsoft.com/2006/11/ResourceManagement" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">

<AttributeRepresentationFailure><AttributeType>ObjectSID</AttributeType><AttributeValue></AttributeValue><FailureMessage>

The specified attribute value must be unique for this Resource Type.

</FailureMessage><AttributeFailureCode>ValueViolatesUniqueness</AttributeFailureCode></AttributeRepresentationFailure></RepresentationFailures>

It is updating most user & group accounts in the FIM portal. When I searched in the metaverse I found that the objects for which the error is reported have two entries in the Metaverse. I am not able to find out why it is giving errors for account name & objectSid.

I have removed the AD group outbound sync rule & the FIM MA is configured for basic user & group export attribute flow with two sync rules, but still no luck.

Any help on this is much appreciated. Thanks in advance..


Anand k

identity manager configuration

Dears,

I deployed MIM 2016 in my lab.

I followed the TechNet guide in order to create the run-as profiles and sync the users from AD to MIM.

I have now created users from the MIM portal. Can anyone provide me with the steps to do in order to synchronize the users vice versa, from MIM to my AD?

Thank you

SSPR client versus FIM/MIM Server version through upgrade process

More or less related to my upgrade question.

Situation to start from:

  • FIM 2010 Server Side
  • FIM 2010 SSPR on Windows 7

Situation to go to:

  • MIM 2016 Server Side
  • MIM 2016 SSPR on Windows 7

Now my question: is the MIM 2016 SERVER software backwards compatible? E.g. can FIM 2010 clients connect and perform a SSPR against a MIM 2016 server?

Or is it the other way round? Can a MIM 2016 SSPR client talk to a FIM 2010 server?

I've got quite some clients to upgrade and the first option, server is backwards compatible, would be very very convenient...


http://setspn.blogspot.com


Unable to upgrade from FIM 2010 RTM to MIM 2016 SP1

Hello,

The client has a production Windows Server 2008 R2 with FIM 2010 RTM installed and SQL Server 2008 R2 installed on a different server, and wants to upgrade them to MIM 2016 SP1 and SQL Server 2016 on a new Windows Server 2016 and 2012 R2 platform respectively.

We are not doing an in-place migration.

Below are the steps we performed:

  • FIM sync and service DB backups (FIM 2010 RTM)
  • Restored the databases on SQL Server 2016 on the new Windows Server 2012 R2 platform with all required permissions.
  • Ran MIM Sync 2016 SP1 setup on Windows Server 2016
  • Received error with rollback action

Below is the error we received:

Error 25009 the microsoft identity manager synchronization service cannot configure the specified database.Invalid object name 'mms_management_agent'

<hr=0*80230406>

We tried to change the compatibility level from SQL Server 2008 to SQL Server 2016 for the FIM database but are still getting the same error.

Add a hyperlink to SSPR success page

Is it possible to add a hyperlink to the FIM 2010 R2 SSPR success page after a password reset?

I know you can customize text by modifying the strings.resource file, but I can't seem to add a hyperlink.

If I type out the HTML tag it doesn't work.

Cheers


IT Support/Everything

Objects in Connector Space connected to multiple MV object types?

I have a "Unique Values" database that stores used usernames from many sources.  Originally, I was planning on storing these usernames in 3 custom object types in the Metaverse and then send them out to the Unique Values DB with a SQL MA.  These could be repeats of usernames of person objects.  My reasoning for this was because I do not want them in the portal unless they are joined with an actual person.  I am now realizing that this plan cannot work because those objects in the Unique Values MA connector space cannot be joined with multiple MV object types.  Am I reading this documentation correctly?  Do I need to do away with the custom object types and project person objects for a proper join?  Is there any other way to keep the usernames that are not joined with a person from going out to the portal?  Any suggestions? 

Thanks!

 

Mike Leach | http://blogs.catapultsystems.com/mleach/default.aspx


SQL MA exported-change-not-reimported

Hi

I've got two SQL MAs that I'm trying to sync some attributes between.  These are DateofBirth and ExpectedEndDate.

In the source SQL table I get these values in the format 1968-07-23 00:00:00.000

I can flow these values into the metaverse via a direct flow on the source MA and export them to the destination SQL table.  If I look directly at the destination table with SQL Management Studio I can see that these have been populated correctly.  However, when I do my confirming import I get the 'exported-change-not-reimported' error, and when I look at what it is trying to do I see:

Imported Value 1968-07-23 00:00:00

Export Value 1968-07-23 00:00:00.000

It's been a very long week and maybe I'm missing something obvious but why is it trying to import a different value from what I can see in the destination SQL table?   Any ideas what I can do about this?

Thanks for any help.

Stop certain users from exporting to the MIM Portal?

I think I already know this answer.  But, I figured I would see if anyone has done this before. 

I have a bunch of users synced to the metaverse from another domain.  I am only using their usernames to send to a database via a SQL MA for use in a workflow that queries that DB.  I do not want them to clutter the portal.  There are over 50,000 of them.  I initially tried using a custom object type which does keep them from syncing to the portal due to no mapping.  But, that didn't work because I need all usernames from multiple sources to go to that SQL DB.  You cannot have connector space objects connected to multiple MV object types.  Is there any way to keep certain users from exporting to the portal?

Thanks.


Mike Leach | http://blogs.catapultsystems.com/mleach/default.aspx

