Channel: Microsoft Identity Manager forum

Adding an attribute to AD LDS


I apologize if this is the wrong place to ask this question, but it's the closest forum I could find. If there's a better place please point me in the right direction.

We have an AD LDS instance with two servers used for a special application. Two Questions:

  1. Not all the fields (user attributes) come over to AD LDS in our sync from our Active Directory. Is it possible to control or add more fields to sync? Where would I look for this?
  2. I have added an attribute to AD LDS using ADSI Editor. Once I was able to create the proper attributeID it seemed to add successfully, synced to the other AD LDS instance, and looks just like our other attributes. The problem is it's still not available to the objects, specifically user objects. Hopefully I'm just missing something minor because this issue is really starting to hold up a project.

Any help is greatly appreciated!


MIM 2016 page does not load correctly and pop-ups do not open


Hello all, 

I have installed a new instance of MIM 2016 SP2 and updated to build 4.6.263. I also updated IE to 11.1518.17763.0. Upon finishing it was noted that the MIM portal page does not load correctly in IE.


The page either cuts off or does not lay out the text correctly. Also, clicking on any link or button does not load the pop-up UI on any page. I believe I installed all of the requirements (SharePoint 2019, SQL 2019, Windows Server 2019), but it looks like I still have some issues going on. Any assistance would be greatly appreciated.

Cancelling a pending export delete

A user has been disconnected from an AD MA with deprovisioning set to delete. The user is protected in AD, cannot be deleted, but the MA retries deletion on every run and throws an error. How can I clear this without deleting the user?

Delay in Activating Roles


I am not sure I have come to the correct place but here goes:

When I come to the Azure site and activate my admin role I get an email confirming that. However, I cannot get to my admin section; I keep getting access denied. Then after about an hour I get access.

This is really frustrating. Is there a way around this?

Local Admin User changes the settings after AAD Join

The device has a local admin account in the local admin group. After it is AAD joined, the 'never expires' setting changes to 'change password after next logon'. How does this happen? How can I retain the local admin account setting after joining AAD?

Microsoft EndPoint Task Sequence is showing as Scheduled to Install


Hi,

I have Microsoft Endpoint Configuration Manager. I created a task sequence to update the Windows 10 version to 1909.

I made it required, not available.

It is updating Windows on some computers without a prompt, but on some computers it is showing as Scheduled to install.

Can anyone tell me why it is behaving like this on some machines?

Thanks,

Anees

manually joining two attributes

I have a user whose contract expired and he was disabled in the HR system. He was then rehired, but now he has a new employee number in the HR system. How do I join the new profile to the old profile? I don't want to create a new AD user, because it will cause problems like different SIDs.

Need registry entry to open all shortcuts in Internet Explorer from Microsoft Edge

Need registry entry to open all shortcuts in Internet Explorer from Microsoft Edge

Receiving error when closing Sync Service Client (MIISClient) after MIM SP2 upgrade. How to solve?


Hi,

I've upgraded the MIM Sync service from SP1 version 4.5.202.0 to SP2 version 4.6.34.0.

After this upgrade, if I close the Sync Client (MiisClient) from the Metaverse Search tab or from the Joiner tab, I get an error.

Searching in Event Viewer I found this error:

Application: miisclient.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.AccessViolationException
   at Microsoft.DirectoryServices.MetadirectoryServices.Schema.Schema.Dispose()

and

Faulting application name: miisclient.exe, version: 4.6.34.0, time stamp: 0x5da0aa73
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00007ff9b45b98d3
Faulting process id: 0xfe8
Faulting application start time: 0x01d6be5a4cad7cd1
Faulting application path: C:\Program Files\Microsoft Forefront Identity Manager\2010\Synchronization Service\UIShell\miisclient.exe
Faulting module path: unknown
Report Id: cfdf6463-2a4d-11eb-80d4-0050568432aa
Faulting package full name: 

I tried upgrading to the August hotfix (version 4.6.263.0) but the problem persists.

Do you also have this trouble?

How to fix?

Thank you.

Best Regards 

Luca.

MIM SSPR Users Created in AD and flowed to portal get error 3001 on reset


Hello Everyone, 

I'm having an issue with MIM SSPR and I hope someone can help.

I've set up SSPR on MIM 2016 with OTP.

When I create a user in the portal all is okay: I get the mail, then access the password reset, which sends me an OTP, and I can change the password.

Now if I create a user in Active Directory and flow it to the portal,

I see all the correct workflows being executed, and I get the first email that sends me to the password reset portal, and when I enter the username of the person whose password I want to reset I get an error:

Access Denied

Ensure you enter your user name correctly. If you still cannot reset your password, please contact your helpdesk for assistance. (Error 3001)

Any idea what I am missing? I thought about the objectSID, and I am flowing it to MIM....

Thanks


Hitch Bardawil

Refund from Microsoft Office 365

I am a student and found out I can get Microsoft Office for free. I would like a refund back for this new subscription.

Why doesn't this filter work on a set?


This is the filter: /Group[((MembershipLocked = 'true') and ((ExplicitMember = /Person) or (ExplicitMember = /Group)))]

I also tried this, to fit the boolean format used in the portal: /Group[(MembershipLocked = True) and ((ExplicitMember = /Person) or (ExplicitMember = /Group))]

It works fine with export-fimconfig, but I can't set it as the filter value for a set.  But when I try to submit it as a set filter, it returns:

Error processing your request: The server was unwilling to perform the requested operation.
Reason: 
Unspecified.
Correlation Id: 
ba539635-0782-4ae8-a772-7efd6c87bcd8
Details: 
Request could not be dispatched.

Is this getting caught by the unsupported definition  "Sets cannot reference the membership of Group resources"?

My goal here is to get a set of all dynamic groups with static members.  Is there another way to do that?

MIM Graph MA error on delta import "File was corrupted or removed. Try to re-run 'FullImport' to re-initialize it."


I recently upgraded the MS Graph connector to 1.1.1170.0 (from 1.1.1130.0).  Now when I run a delta import on the MA that uses this connector, it fails with an error.  Full import and all the other operations work fine.

It looked like it needed a schema update, which I performed (and it took several hours, which seems a lot longer than it should for a database of this size).  Delta import worked immediately after that, but it's failing again.

The full error message in the event log is:

Log Name:      Application
Source:        FIMSynchronizationService
Date:          5/21/2020 2:40:21 PM
Event ID:      6801
Task Category: Server
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      SVPHCMIM01.hc.hctx.net
Description:
The extensible extension returned an unsupported error.
 The stack trace is:
 
 "Microsoft.MetadirectoryServices.ExtensibleExtensionException: Exception during the import: ---> Microsoft.IdentityManagement.Connector.Graph.GraphAPIException: File was corrupted or removed. Try to re-run 'FullImport' to re-initialize it.
   at Microsoft.IdentityManagement.Connector.Graph.LocalStorageManager..ctor(String fileName, String fileHash, Boolean isDeltaImport)
   at Microsoft.IdentityManagement.Connector.Graph.ImportContext.GetImportEntries()
   at Microsoft.IdentityManagement.Connector.Graph.GraphConnector.GetImportEntries(GetImportEntriesRunStep importRunStep)
   --- End of inner exception stack trace ---
   at Microsoft.IdentityManagement.Connector.Graph.GraphConnector.GetImportEntries(GetImportEntriesRunStep importRunStep)
Forefront Identity Manager 4.5.412.0"
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="FIMSynchronizationService" />
    <EventID Qualifiers="49152">6801</EventID>
    <Level>2</Level>
    <Task>3</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2020-05-21T19:40:21.754947400Z" />
    <EventRecordID>1773995</EventRecordID>
    <Channel>Application</Channel>
    <Computer>SVPHCMIM01.hc.hctx.net</Computer>
    <Security />
  </System>
  <EventData>
    <Data>Microsoft.MetadirectoryServices.ExtensibleExtensionException: Exception during the import: ---&gt; Microsoft.IdentityManagement.Connector.Graph.GraphAPIException: File was corrupted or removed. Try to re-run 'FullImport' to re-initialize it.
   at Microsoft.IdentityManagement.Connector.Graph.LocalStorageManager..ctor(String fileName, String fileHash, Boolean isDeltaImport)
   at Microsoft.IdentityManagement.Connector.Graph.ImportContext.GetImportEntries()
   at Microsoft.IdentityManagement.Connector.Graph.GraphConnector.GetImportEntries(GetImportEntriesRunStep importRunStep)
   --- End of inner exception stack trace ---
   at Microsoft.IdentityManagement.Connector.Graph.GraphConnector.GetImportEntries(GetImportEntriesRunStep importRunStep)
Forefront Identity Manager 4.5.412.0</Data>
  </EventData>
</Event>

MIM Portal Login


Hi There,

Is there a way users can log in to the MIM Portal without being prompted for credentials? In other words, using the same session token for login into AD to access the MIM Portal.


Akinzo



There's an error in the display configuration. Please contact your system administrator. No visual configuration is specified.


Hi,

We recently did a migration of MIM from server to server using the PowerShell-based tools and are now receiving errors related to the resource control display configurations. The below is shown at the bottom of the window when trying to create new Sets, for example.

"There's an error in the Set display configuration. Please contact your system administrator. No visual configuration is specified."

Looking at the RCDCs I can see most are duplicated. I've found a few entries about this (though not much!) about re-installing the FIM portal, but that's not really viable in this case.

Is there any way to fix the RCDCs, as this is preventing us from creating or modifying MPRs, Workflows, Sets etc.?

Thanks.

Adam



MIM for GAL Sync between two organizations

Hi Team,

I need some advice.

We have a use case in which we want to have GAL Sync between two organizations.

That means we have two separate forests.
Forest A - Having Exchange Hybrid
Forest B - Only Exchange Online

There is a one-way trust between Forest A and B (A is dominant, B cannot make any changes in A).

So, we plan to use MIM and install it in Forest A, and MIM has GalSync agents already.

Is there any documentation or links which I can refer to in order to plan the solution?

Get-AzureADServicePrincipalOwner -ObjectId XXXXX


When I execute the command below, the output is not returning anything. Could you please help me get the owner information of an SPN?

Get-AzureADServicePrincipalOwner -ObjectId XXXXX

Convert Privileged Group scope from Universal to Global


Hello Team,

Is there an option to convert the domain privileged groups (Enterprise Admins & Schema Admins) from Universal to Global scope? Will that secure the privileged group in a single-domain forest?

Thanks.

MIM 2016 SP2 Portal - SQL Performance


Hello!

I've patched a few environments to 4.6.263.0 and I've noticed really abysmal performance in the MIM-portal compared to 4.5.412.0 when writing changes to objects in the database.

As a test I added a new bool to users that does nothing else. Changing this value in the portal will run for up to 30 seconds.

Sync engine seems to have equal performance as before.

I've increased the timeouts so it seems that it runs OK but it just takes a lot longer. Has anyone else experienced the same issues patching to SP2?


Custom resource type is not displayed in criteria-based group filter selector


I've created a custom resource type, Computer, and have it synchronizing with an AD MA.  I need to populate groups by the computer's operating system (this attribute is synchronized and visible in the portal).  I created a new group and set it to criteria-based, but when I go to the members tab it only shows "all eligible resources", "groups", and "users", no other resource types. 

I can create a set with the criteria I want.  And the filtering works if I build the filter xml manually and set it to the group's filter attribute.  But I can't change anything with that group in the GUI since it will claim the filter is not valid.

Did I miss something I needed to do to let the custom resource type show up as part of the criteria selection for groups?
