I know I am forgetting something obvious - however... I have a sync rule for flowing attributes from FIM to AD and in the list of attributes to flow to (Destination) I don't see the generational qualifier. However I've added that mapping within
the FIM MA attribute mapping. What am I forgetting? How do I get a broader set of AD attributes to appear in the destination attribute drop-down list?
sync rule flow definition - how to populate destination attribute list.
↧
↧
Non admin user cant create user
Hello.
Im trying to create an MPR to enable managers to create users, but They cant see the New user button.
Any ideas?
↧
FIM Portal: Member Tab in group not opening
Hello All,
is there any max limit of members within a Security Group in the FIM Portal ?
I experienced the problem within a group with about 400 members.
The members tab is not opening by clicking on it. Groups with less members are no problem.
It this general an overall performance case?
Any ideas, where I need to check the settings?
Regards Fatih
↧
Grandfelt Powershell Management Agent
Hello,
I'am starting use Powershell Management Agent but i'am a little bit confused .
Actually, i want to make a simple test writing (export) in a text file the displayName of my users.
can someone give me the first steps to do it via the Powershell MA.
Thanks
↧
attributes not appearing in ADUC
Hi Folks - I currently flow a handful of FIM Portal attributes for a user to AD successfully. However, recently I added several more yet they don't seem to appear in AD or even AD Connector Space. Yet I did add map them in the FIM MA and selected the specific attributes I want within the AD MA such that I could flow them in the sync rule. I did see them in the Metaverse so I know they are being populated with values. They just never make out... thought?
↧
↧
Powershell script FIM Schema
Hello ,
i'am looking for a powershell Script permetting to create the attributs and bindings in FIM from a CSV file ?
Thanks
↧
[Troubleshooting] FIM Service Polling the Exchange Web Service (EWS) fills the Application Event Log:
[Troubleshooting] FIM Service Polling the Exchange Web Service (EWS) fills the Application Event Log: http://social.technet.microsoft.com/wiki/contents/articles/17439.troubleshooting-fim-service-polling-the-exchange-web-service-ews-fills-the-application-event-log.aspx
Tim Macaulay Security Identity Support Team Support Escalation Engineer
↧
UocRadioButtonList change default button
Hi
In the default RCDC for creating a new group there is a RadioButton default set in 'owner approval required'
How do I get it set default in 'none' instead ?
I have tried with changing the order of the <my:Option but that didnt work.
<my:Control my:Name="Join" my:TypeName="UocRadioButtonList" my:Caption="%SYMBOL_JoiningCaption_END%" my:RightsLevel="{Binding Source=rights, Path=MembershipAddWorkflow}">
<my:Options>
<my:Option my:Value="Owner Approval" my:Caption="%SYMBOL_OwnerApprovalCaption_END%" my:Hint="%SYMBOL_OwnerApprovalHint_END%"/>
<my:Option my:Value="None" my:Caption="%SYMBOL_NoneCaption_END%" my:Hint="%SYMBOL_NoneHint_END%"/>
</my:Options>
<my:Properties>
<my:Property my:Name="Required" my:Value="{Binding Source=schema, Path=MembershipAddWorkflow.Required}"/>
<my:Property my:Name="ValuePath" my:Value="Value"/>
<my:Property my:Name="CaptionPath" my:Value="Caption"/>
<my:Property my:Name="HintPath" my:Value="Hint"/>
<my:Property my:Name="ItemSource" my:Value="Custom"/>
<my:Property my:Name="SelectedValue" my:Value="{Binding Source=object, Path=MembershipAddWorkflow, Mode=TwoWay}"/>
</my:Properties>
<my:Events>
<my:Event my:Name="SelectedIndexChanged" my:Handler="OnChangeMembershipWorkflow"/>
</my:Events>
</my:Control>
<my:Events>
<my:Event my:Name="BeforeLeave" my:Handler="OnLeaveOwnersGrouping"/>
</my:Events>
Regards
Per
↧
default user insert in UocIdentityPicker
Hi
In the default RCDC for creating a new group there is a UocIdentityPicker for members of the group.
During creation it default suggests the user creating the group as a member.
How do I in the RCDC XML remove that suggestion ?
<my:Grouping my:Name="GroupingMembers" my:Caption="%SYMBOL_MembersTabCaption_END%">
<my:Help my:HelpText="%SYMBOL_MembersTabHelpText_END%" my:Link="5d8daa86-efd0-48f8-bb91-8f8eebc9897f.htm#bkmk_grouping_GroupingMembers"/>
<my:Control my:Name="MemberToAdd" my:TypeName="UocIdentityPicker" my:Caption="%SYMBOL_MembersToAddCaption_END%" my:Description="%SYMBOL_MembersToAddDescription_END%" my:RightsLevel="{Binding
Source=rights, Path=ExplicitMember}">
<my:Properties>
<my:Property my:Name="Mode" my:Value="MultipleResult"/>
<my:Property my:Name="Rows" my:Value="10"/>
<my:Property my:Name="ObjectTypes" my:Value="Person,Group"/>
<my:Property my:Name="ColumnsToDisplay" my:Value="DisplayName, AccountName"/>
<my:Property my:Name="AttributesToSearch" my:Value="DisplayName, AccountName"/>
<my:Property my:Name="Value" my:Value="{Binding Source=object, Path=ExplicitMember , Mode=TwoWay}"/>
<my:Property my:Name="UsageKeywords" my:Value="%Attribute_Type%"/>
<my:Property my:Name="ResultObjectType" my:Value="Resource"/>
<my:Property my:Name="ListViewTitle" my:Value="%SYMBOL_MembersPopupListviewTitle_END%"/>
<my:Property my:Name="PreviewTitle" my:Value="%SYMBOL_MembersToAddPopupPreviewTitle_END%"/>
<my:Property my:Name="MainSearchScreenText" my:Value="%SYMBOL_MemberSearchText_END%"/>
</my:Properties>
</my:Control>
</my:Grouping>
Regard
Per
↧
↧
Group Membership BulkUpdate
Hello People,
we experienced in our FIM Portal system a lot of complaints from our customers about bulk membership updates within groups.
Therefore we developed an own administrative page and added to the portal, which allows you to add/delete and report the membersips of your groups in a easy way.
If somebody require also this convenient administrative task, send me an email.
I can send the aspx site and the code behind.
Regards Fatih
↧
FIM 2010 R2 SP1 with SCSM 2012
I know that FIM 2010 R2 SP1 now claims support for SCSM 2012. FIM Reporting allows us to use a free copy of SCSM / DW for just the purpose of reporting services. Does this only apply to SCSM 2010 or does this include SCSM 2012 as well? I just want to make sure that we don't install SCSM 2012 assuming that it's free when in reality only SCSM 2010 is free. This issue came about because SCSM 2010 did not require a product key, but SCSM 2012 does.
Thanks,
Mark
Mark Creekmore - BlueVault Software http://www.bluevaultsoftware.com
↧
PCNS Ports
Hi all,
I'm working with a customer on delivering password changes cross-forest, with changes originating in a source domain and being reset in a target domain that also contains my FIM server. I added a new target to a pre-existing PCNS installation today, set the SPNs and opened up the usual ports (135, 5000-5100 and 57500-57520) but found the password changes weren't being delivered to FIM, with an RPC error being logged in event log. When I looked at a network trace, I was surprised to find it using port 49200.
I opened up this port and password changes are being delivered OK now, but I'm anxious to make sure that 49200 isn't just in a range of dynamic ports that I've otherwise not opened up. Anybody have any advice, or what I can check? We did find something suggesting that RPC can use a random port in the range 49152-65535 - would PCNS use that on Windows 2008? Though the strange thing is that EVERY DC seemed to be using this port - not very dynamic at all!
Thanks,
Paul
↧
Choice of OTP via SMS or Email or QA gate for password resets
hi,
Wondering if anyone out there has come across a neat solution to allow a user to use a choice of either SMS, or E-mail, or the QA gate to reset their password in forefront identity manager 210 r2.
I have see the solution of setting up a custom attribute that users can enter a value themselves and based on this value then present them with the password reset by questions or e-mail or sms.
I was hoping that somewhere the otp gates could be modified to say "if a user gets either the question or the security code right then proceed and give the user the option to change their password"
In other words, present the user with the questions, and then the security code, and then check to see if they have either option correct to proceed with the password reset process.
Hope this makes sense.
Regards, Thomas.
↧
↧
The mail contact and mail user must have a valid external e-mail address. Property Name: ExternalEmailAddress
Hi, I have this pb and I can't foud the solution.
The creation of mailbox is ok, but I sync AD user to FIM who doesn't have mailbox (generic account). But when I do a export, I have this error => for me, it's beacause FIM follow Exchange attibute for this
user.
I don't know what is the solution in my case?
Thank you by advanced.
There is an error in Exch2010Extension AfterExportEntryToCd() function when exporting an object with DN CN=stagiarepdl,OU=Utilisateurs,OU=LOIRE,DC=aocdtf,DC=ass.Type: Microsoft.MetadirectoryServices.ExtensionException
Message:
**** ERROR ****
ExternalEmailAddress is mandatory on MailUser. Property Name: ExternalEmailAddress
**** END ERROR ****
**** ERROR ****
The mail contact and mail user must have a valid external e-mail address. Property Name: ExternalEmailAddress
**** END ERROR ****
**** ERROR ****
The mail contact and mail user must have a valid external e-mail address. Property Name: ExternalEmailAddress
↧
FIM Calendar
Hello,
i'am using https://github.com/pieceofsummer/FIMCalendar for FIM2010 R2. After deploying it in SharePoint when i want to access to FIM Portal i have unable to process your request
Any idea ?
↧
FIM 2010 R2 SP1 QA Gate Invalid Answers
So I'm in the process of rolling out the FIM 2010 R2 2010 SP1 SSPR FIM Client extensions and testing the end to end solution. The challenge for myself and the client I'm working with is that some answers during Password Registration aren't acceptable even if they meet the Answer Constraint. For testing we modified the answer constraint to allow any characters and the length of the answer to be greater than or equal to 2.
When we enter a1, hbi123, "answer", or even password is throws an error. Has anyone ran into this before or could shed some light on why the QA Gate is so picky?
↧
FIM Error Exporting user covered by AdminSDHolder
I'm following the guide (http://technet.microsoft.com/en-us/library/ff686264(v=WS.10).aspx) to import AD DS objects into FIM. I can successfully get all users who are not covered under the AdminSDHolder into FIM, and I can search for them within the FIM Portal. The users that are covered by AdminSDHolder get the following error on Export of the FIMMA:
Requestor: urn:uuid:fb89aefa-5ea1-47f1-8890-abe7797d6497 Correlation Identifier: 30f0a139-74f0-4d06-aadb-c53c01b3af5b Microsoft.ResourceManagement.WebServices.Exceptions.UnwillingToPerformException: Other ---> System.Data.SqlClient.SqlException: Procedure or function 'GetDomainConfigurationIdentifiersFromDomain' expects parameter '@domainName', which was not supplied. at Microsoft.ResourceManagement.Utilities.ExceptionManager.ThrowException(Exception exception) at Microsoft.ResourceManagement.Data.Exception.DataAccessExceptionManager.ThrowException(SqlException innerException, TransactionAndConnectionScope scope) at Microsoft.ResourceManagement.Data.DataAccess.GetDomainConfigurationIdentifiersFromDomain(String domainName) at Microsoft.ResourceManagement.ActionProcessor.DomainConfigurationActionProcessor.AddDomainConfigurationFromDomain(CreateRequestParameter domainNameParameter, RequestType request) at Microsoft.ResourceManagement.ActionProcessor.DomainConfigurationActionProcessor.DoRequestCreationPreProcessByAttribute(RequestType request) at Microsoft.ResourceManagement.ActionProcessor.ActionDispatcher.DoRequestCreationPreProcessByAttribute(RequestType request) at Microsoft.ResourceManagement.WebServices.RequestDispatcher.CreateRequest(UniqueIdentifier requestor, UniqueIdentifier targetIdentifier, OperationType operation, String businessJustification, List`1 requestParameters, CultureInfo locale, Boolean isChildRequest, Guid cause, Boolean doEvaluation, Nullable`1 serviceId, Nullable`1 servicePartitionId, UniqueId messageIdentifier, UniqueIdentifier requestContextIdentifier, Boolean maintenanceMode) at Microsoft.ResourceManagement.WebServices.ResourceManagementService.Put(Message request) --- End of inner exception stack trace ---
Also, is there a good guide for exporting a user object from the FIM Metaverse to a directory system?
SharePoint - Nauplius Applications
Microsoft SharePoint Server MVP
MCITP: SharePoint Administrator 2010
-----------------------
This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.
↧
↧
Composite query filter returns no results for explicit guid
I am having problems with a specific type of xpath query which I believe is showing an unwanted variation in behaviour between FIM R1 and R2 (SP1). To this end I have created a new bug report on Connect, but I am not sure it is being read by anyone so I am re-posting here.
- The following two queries should return identical results for a valid Person guid, as they do with FIM R1:
/Person[Creator=/* and ObjectID='<myPersonGuid>'] - /Person[Creator=/* and ObjectID=/Person[ObjectID='<myPersonGuid>']]
However, for FIM R2 SP1 (version 4.1.3419.0) the first query returns no results. I have confirmed this result on two separate 4.1.3419.0 versioned sites.
Can anyone else please confirm this problem (i.e. only query style #2 above works for FIM R2 SP1 when style #1 should be all that is needed)?
Bob Bradley (FIMBob @ TheFIMTeam.com) ... now using Event Broker 3.0 for just-in-time delivery of FIM 2010 policy via the sync engine, and continuous compliance for FIM
↧
How could I debug MIIS rule extension ?
I am newbie of VisualStudio.
We use MIIS and VisualStudio2003 for metaverse rule and MA rule extension.
How could I debug those rule extensions ?
I would like to debug those extension code step by step and understand how the galsync synchronization processes are working.
http://social.technet.microsoft.com/wiki/contents/articles/3991.how-to-debug-your-ilmmiis-provisioning-code.aspx
http://www.wapshere.com/missmiis/debugging-your-extension-code-from-visual-studio
We have test environment of MIIS.
1
Souce code need to exist in MIIS server ?
2
Do I need to set break point to source code and complile by debug mode and put created DLL and pdb file to extension follder ?
3
Where should I set break point to trace all rule extension functions ?
↧
When/who uses ‘connector filter rules
Forum Members,
I have a confusion as in when/who uses ‘connector filter rules’?
Do these rules get applied during import or during synchronization?
To make it more clear say my ‘authorized data source’ MA has only two run profiles, full import and full synch.
When connector filter rules will apply, during full import orduring full synch?
Kindly help.
Thanks in anticipation.
Mann↧
More Pages to Explore .....
